Scammers have stolen at least $3.7 million worth of NFTs through phishing attacks posing as Yuga Labs’ Otherside NFT launch.
The phishing attacks involved at least five fake websites and Twitter accounts mimicking the Otherside, offering fake airdrops, gas refunds, and NFT sales.
Bored Ape Yacht Club NFT collectors have increasingly been targeted by hackers as the value of the NFTs has soared.
Share this article
Scammers swindled millions of dollars worth of high-prized NFTs from unsuspecting collectors amid the hype behind Yuga Labs’ Otherside NFT drop.
Scammers Steal Millions in Bored Ape NFTs
Phishing attackers keep scamming NFT collectors, and Bored Ape Yacht Club members are some of their biggest targets.
Yuga Labs’ Otherside NFT drop, which made the company around $310 million in a matter of hours on Sunday, provided fertile ground to crypto scammers looking to take advantage of careless NFT collectors. The Bored Ape Yacht Club creator’s sale was dubbed the biggest NFT drop in history, and scammers went all out to take advantage of the hype. At least $3.7 million worth of NFTs was lost over the past few days through phishing websites mimicking Otherside.
According to crypto security firm Peckshield, at least five fraudulent Twitter accounts with corresponding phishing websites posed as Otherside in the lead-up to the drop. They stole NFTs from collectors by asking them to connect their digital wallets to register for a fake NFT drop, APE token airdrop, or get a “gas refund,” then tricked them into signing a transaction that gave the hackers permission to drain their wallets.
Though the Otherside drop quickly sold out, minters collectively spent a staggering $165 million in fees due to the high demand and poorly-written smart contract code. As the network was so congested when the drop went live, successful minters had to spend about $7,000 on their transaction. In the days following the drop, many unsuspecting NFT collectors seem to have fallen for the scam sites offering gas refunds and extra rounds of Otherside NFT mints. “Wallets that were KYCed but failed to mint will get full gas refund. Registering for a refund will also automatically add you to Wave 2 Otherside Lands Raffle List,” one of the scam websites claimed. Another asked collectors to register for a fake Otherside Lands raffle list by connecting their wallet, while another simply put up a phony countdown to a fictitious mint.
While the full extent of the damage the phishing attacks have inflicted on collectors remains unclear, on-chain data suggests that scammers have collectively made off with at least $3.7 million worth of NFTs alone. One phishing website recently highlighted by the popular crypto sleuth zachxbt seems to have netted scammers at least five Bored Ape NFTs, 12 Mutant Apes, 36 Otherdeeds, and various other less-valuable NFTs worth around $2.7 million at current floor prices. Zerion data shows a haul of stolen NFTs from Bored Ape Yacht Club and other valuable collections sitting in the scammers’ wallets.
According to zachxbt, another wallet commencing 0xb8 also stole four Mutant Ape NFTs, one Bored Ape, and more than 30 Sandbox NFTs worth around $1.03 million. He also said that the 0xb8 wallet led to two other wallets, which held four Bored Ape, two Mutant Ape, two World of Women, and 19 Azuki NFTs together worth around $5.1 million. If the latter is correct, it would mean that Otherside scammers raked in around $8.8 million in NFTs alone, not accounting for any other crypto assets that could’ve been looted in the process.
Though the scam accounts did their best to replicate Yuga Labs’ Otherside project, there were some giveaways such as suspicious aesthetics and that called their veracity into question. Unfortunately, this incident is only the latest in a series of similar phishing exploits to have hit the NFT community—and specifically holders of Bored Ape Yacht Club’s prized NFTs. Last week, a scammer hacked Bored Ape Yacht Club’s official Instagram account and posted a malicious link that lured holders into sending around $2.7 million worth of NFTs. A few weeks before that, Bored Ape Yacht Club’s Discord server was compromised, leading to the theft of NFTs from Bored Ape Yacht Club, Doodles, and other collections.
Disclosure: At the time of writing, the author of this piece owned ETH and several other cryptocurrencies.
Share this article
The information on or accessed through this website is obtained from independent sources we believe to be accurate and reliable, but Decentral Media, Inc. makes no representation or warranty as to the timeliness, completeness, or accuracy of any information on or accessed through this website. Decentral Media, Inc. is not an investment advisor. We do not give personalized investment advice or other financial advice. The information on this website is subject to change without notice. Some or all of the information on this website may become outdated, or it may be or become incomplete or inaccurate. We may, but are not obligated to, update any outdated, incomplete, or inaccurate information.
You should never make an investment decision on an ICO, IEO, or other investment based on the information on this website, and you should never interpret or otherwise rely on any of the information on this website as investment advice. We strongly recommend that you consult a licensed investment advisor or other qualified financial professional if you are seeking investment advice on an ICO, IEO, or other investment. We do not accept compensation in any form for analyzing or reporting on any ICO, IEO, cryptocurrency, currency, tokenized sales, securities, or commodities.
See full terms and conditions.