According to a study made public on Tuesday by Web3 security company Immunefi, about 150 Bored Ape Yacht Club non-fungible tokens had been stolen since the blue-chip collection started in June 2021. The 143 NFTs, which have a combined value of $13,582,962, were taken from their owners using a variety of tricks and hacks.
Some of the Biggest BAYC NFT Hacks
In one case from 2022, Hackers disguised themselves as Boris Vagner, the channel moderator, and sent a fraudulent phishing link to the BAYC official Instagram profile in April in order to steal user data.
In another big incident, NFT collector Todd Kramer, from New York, claimed his collection of 16 BAYC NFTs, valued at $2.28 million, was hacked. According to reports, NFT marketplace OpenSea had frozen Todd Kramer’s NFT assets, which include a Clonex, seven Mutant Ape Yacht Clubs, and eight BAYC NFTs.
The hacks continued on BAYC NFT’s Instagram account, where phishing links were sent out to users to steal tokens. Hackers were successful to steal NFTs worth $3mn.
https://twitter.com/notthreadguy/status/1518621602795212800?s=20&t=zTgxhGuvkahJ78d6BP_qWQ
In another hack, a user called “Pascal | OpenSea” invited Jeff Nicholas to the “OpenSea Support Server” on Discord in October in response to his royalties request. Using Nicholas’ shared screen, fraudsters scanned his QR code to gain access to the NFT apes, cats, and dogs. It was too late for him to uncover the truth, and 150 ETH worth $480,000, was lost.
https://twitter.com/_jeffnicholas_/status/1430046727843717125?s=20&t=o9NLUwNA7TGJst6702ANPQ
Immunefi obtained data by checking OpenSea for suspected Bored Apes and social media for theft accusations that were probed using blockchain analytics. They searched for unusual behavior from the collection’s establishment until early August 2022.
143 NFTs constitute a fraction of the 10,000 accessible BAYC NFTs, but once stolen, decentralized assets are difficult to be recovered.
As Yuga Labs offers IP rights to Bored Ape owners, those rights are lost to hackers and awarded to anyone buying the stolen goods subsequently, knowingly or unknowingly. According to a report released by blockchain analysis company Elliptic last week, more than $100 million worth of NFTs were stolen between January and July.
***