It’s the same story on the BAYC – The NFT project Bored Ape Yacht Club (BAYC) is again the victim of a hack. The blockchain security company Certik looks into this hack and provides tips to help NFT holders protect their assets.
The BAYC: the favorite target of hackers
Certik related, in his blog post of June 4, 2022, the details of the second hack of this year from the Bored Ape Yacht Club. The attack took place on June 4, 2022.
The hackers published, on the BAYC Discord server, a link pointing to a phishing website which was a copy of the official website of the NFT project. However, the malicious site had subtle differenceswhich the victims unfortunately did not notice.
It did not include any links to social networks and had a extra tab with the mention “claim your free otherside land” for a limited period. The victims had to connect their wallet to that of the hackers via the phishing site to be able to benefit from this false distribution free of NFT.
Hackers specifically targeted holders of NFT Bored Ape Yacht Club, Mutant Ape Yacht Club (MAYC), and OthersideMeta.
They sent a total of about 142ETH to protocol Tornado Cash to anonymize these cryptocurrencies obtained through the sale of the stolen NFTs – some addresses involved in tracing these hackers’ earnings are linked to previous phishing attacks.
>> Play it safe, register on the reference of FTX crypto exchanges (affiliate link) <<
Free NFTs: Crude Bait, But Still Works
Following this attack, Certik provided safety tips to NFT holders in his statements to the Coin Telegraph media.
The company invites NFT owners to the cautionfaced with offers of“free assets, as these can often be phishing attacks”. It also highlights the existence of the previously mentioned subtle differences between the phishing site and the official BAYC site.
Certik has encouraged NFT holders to pay particular attention to these differences which are red flags to recognize a malicious site.
Finally, he highlighted the need for NFT owners who wish to follow the guidelines given to benefit from a free distribution of digital assets to:
“(…) confirm the legitimacy of the site by comparing it to a known and confirmed site and by looking for any anomalies. »
The attacks follow each other and are almost alike for the Bored Ape Yacht Club. As a reminder, the first of this year was already using the same ingredients: a phishing attack and one fake airdrop.
Stay away from spammers and scammers of all kinds. So avoid too-good-to-be-true offers like the plague and get into the habit of showing healthy distrust. On the other hand, also learn to place reasonable trust in respectable and recognized players in the ecosystem. The FTX platform falls without a shadow of a doubt into this second category. Come acquire and trade your first bitcoins and other cryptocurrencies by registering on FTX. You will benefit from a lifetime discount on your transaction fees (affiliate link).