According to developers at Bored Ape Yacht Club (BAYC), hackers infiltrated the popular nonfungible token (NFTs) collection’s official Instagram page on Monday and published links to a bogus airdrop with the project’s followers.
Crypto fans who linked their MetaMask wallets to the bogus website had their Ape NFTs drained. The attempt appears to have been timed to coincide with the one-year anniversary of the BAYC collection’s introduction, improving the perceived trustworthiness of the phishing link.
According to unconfirmed social media sources, roughly 100 NFTs were stolen during the phishing attack. According to CoinGecko data, the floor price of each BAYC NFT is approximately 139 Ether (ETH), or $400,726.
Thus, if the reports are correct, the attack resulted in the loss of more than $40 million in assets. However, because the figures are based on the floor price, they may only represent the lower end of the estimate.
It was unknown at the time of writing how hackers got access to BAYC’s official Instagram account. While some social media users emphasize the necessity of two-factor authentication as an effective barrier against illegal log-ins, others argue that such systems are not completely foolproof and can be defeated by a SIM-card swap.
BAYC has developed to become an all-time favorite NFT collection in the crypto world, with sales exceeding $1 billion in 2021. The supply of the collection is limited to 10,000 NFTs.