Threat Management, Threat Management, Breach, Risk Assessments/Management

Nearly $3M in NFTs stolen in Bored Ape Yacht Club Instagram hack

The Register reports that almost $3 million worth of non-fungible tokens have been exfiltrated by threat actors that hacked into the Instagram account of the Bored Ape Yacht Club, who then posted a link redirecting to a spoofed website aimed at asset harvesting. BAYC, which sells various photos depicting apes in different poses and costumes for crypto-coins, has already warned users against minting, clicking links, or linking their wallets in the aftermath of the attack. Notifications to impacted users are already underway, according to a spokesperson for Yuga Labs, which created BAYC, who added that the NFT collection's Instagram account had two-factor authentication enabled and had "tight" security practices. "Yuga Labs and Instagram are currently investigating how the hacker was able to gain access to the account," the spokesperson added. The attack comes after BAYC had its Discord server breached, resulting in the theft of one NFT, as reported by PeckShield.

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.