Another phishing attack targeted BAYC and resulted in $3M worth of stolen NFTs

Yuga Labs, the creators of the Bored Ape Yacht Club, was targeted by yet another hacking attack which resulted in millions worth of stolen assets.

The incident happened after a malicious party managed to get control of the BAYC Instagram account from where they posted a fishing link which fooled many followers into connecting their wallets to the malicious smart contract. The contract was designed to enable the attacker to steal the assets held in the wallets connected to it. Besides BAYC NFTs, the attacker managed to get ahold of numerous other NFT held in affected users’ wallets.

At the time of writing, the estimated value of the theft is said to be around $3 million. Although not a technically complicated hack like we are used to seeing in the cryptocurrency field, the BAYC latest attack made security experts remind users once again to double-check any link they visit, as phishing attacks remain one of the most often used type of scams.

Since BAYC has been keeping NFT collectors’ interest since its release, essentially growing in value, BAYC holders have been infamously targeted for attacks before. Less than a month ago, a pseudonymous user lost a collection appraised at $500,000 after a scammer tricked them into swapping it for counterfeits.

Another BAYC holder fell victim of a phishing attack in December, when a collection worth $2.2 million was stolen. Later, the owner managed to recover a portion of his stolen assets with the help of OpenSea.

So far, the only statement released from Yuga Labs regarding the latest incident goes to say that the company is investigating alongside Instagram how the attacker managed to gain access to the account although 2FA was enabled.