Yesterday, Yuga labs creator of the famed Bored Ape Yacht Club (BAYC) announced the hack of their social media accounts – the official Instagram account and their discord account.
The hacker compromised the account on Monday morning, which gave them control of the BAYC Instagram account. After taking control they posted an announcement of a fake airdrop and deployed a fraudulent link to lure the followers and gain access to their wallets. The fraudulent link promised its victims that they could mint LAND in the BAYC metaverse platform Otherside slated to launch next week.
Users who fell victim clicked on the fraudulent link. This gave the hackers access to their wallets. From which they moved digital assets including NFTs to multiple wallets.
At the moment it is estimated that 24 Bored Apes and 30 Mutant Apes were lost from the compromise of the BAYC Instagram account. And based on the floor price the lost assets amounts to $13.7 million worth of NFTs.
When the team discovered the hack, they announced that there was no mint going on on their Twitter handle. But before the announcement went public, some holders had lost their apes.
“There is no mint going on today. It looks like BAYC Instagram was hacked. Do not mint anything, click links, or link your wallet to anything”.
With the help of Social Media giant Instagram, the BAYC account was back in the hands of Yuga labs in no time.
Yuga labs Co-founder spoke on the hack, and advised victims of the hack. He stated that the team is open to helpful info on the hack. Furthermore those affected are advised to contact the team via a dedicated email address ighack@yugalabs.io. And further clarified that the team will not contact anyone first nor ask for their seed phrase.
Furthermore the Yuga lab team is reviewing the incident and have promised that a thorough review of the incident. The full extent of the hack and the number of NFTs stolen by the hackers will be clear after the post morterm by the team.
BAYC team’s failure to enable a two-factor authentication on their Instagram account is a likely cause of the compromise. But the Co-founder stated that the team enable 2FA on its Instagram account and all the security practices were tight too. With that end covered according to BAYC cofounder’s testimony, the hackers MO remains unclear.
Numerous crypto projects have been hacked recently, a trend which is very worrisome and points to a possible industry-wide attack. Crypto expert and DeFiance founder Arthur Cheong had warned of a possible wide scale attack by a North Korean hacker group BlueNorOff.