BAYC Instagram Account Hacker Donates 1.6 ETH To Ukraine

A hacker took control of the Instagram account of the NFT platform, Bored Ape Yacht Club (BAYC) on Monday, April 25. The hacker stole NFTs worth approximately 765 ether through a phishing link posted on the BAYC official Instagram account.

According to an update from Peckshield Alert, the hacker sold 23 of the stolen NFTs, making a profit of $2.4 million. The report shows that the hacker also sent a donation of 1.6 ETH in support of the Ukrainian military. They then proceeded to send more of the realized funds to centralized exchanges.

A day after the exploit (April 26), the hacker has moved 65% of the funds from their Ronin wallet. 22% of the stolen funds which is approximately 39,700 ETH had been laundered through Tornadocash while 41% has been moved to new wallets.

A Phishing Link

An April 25 post by the BAYC team stated that the platform’s official Instagram account was hacked. According to the release, the hacker posted a phishing link that promoted an airdrop which some users fell for. Apparently, the link led users to a phishing site that imitated the original BAYC website. In a twitter post, the platform stated that those that clicked on the phishing link were led to the site and prompted to sign a ‘safeTransferFrom’ transaction, and consequently lost their NFTs to the hacker.

Hacked Despite 2FA

The BAYC team reported that they attempted to warn users when they discovered that the social media account had been hacked. They also attempted to recover the Instagram account which was backed by a 2FA. The team said that they’re investigating how the hacker gained access to the account which was operated by the company using best practices.

According to an update, customers who lost their tokens through the compromised Instagram account that resulted in the phishing scam to reach out to the team. They maintained that they wouldn’t be reaching out first to those that lost their NFTs first. The release also stated that the team will not announce subsequent minting via its Instagram channel but via Twitter.

Author: Jofor Humani

Jofor is a crypto journalist with passion for investigative review of projects with the aim to determine the authenticity of their claims.