A Twitter phishing scam hacked verified accounts, some of which had Bored Ape Yacht Club (BAYC) profile pictures. The scam sought to defraud crypto-savvy users of a little more than $1 million this week through a phony ApeCoin airdrop.
For those who missed last week’s news, ApeCoin is a cryptocurrency that can be claimed by BAYC and Mutant Ape Yacht Club (MAYC) holders. It was launched by ApeCoin DAO, and the token will power several spin-off projects from the BAYC franchise.
This week’s fake airdrop lured victims with an ostensibly legitimate tweet coming from hacked accounts, which read, “Launch of Ape Coin has been a big success! We have collectively decided to airdrop some more to active NFT Traders/Holders. If you don’t currently own NFTs, you can claim with a 0.33 ETH fee!”
The tweet then enclosed a link as bait for the scam.
Unpacking the Ape Coin airdrop scam
NFT collector Bored Alien Silver Ape was one of the worst affected. He lost over half a million dollars worth of BAYC and MAYC NFTs in the attack, according to Etherscan.
He immediately blamed an account called Bhawana Ghimire, a name possibly drawn from the former CEO of the Cricket Association of Nepal.
Blockchain analytics account AnChain.AI posted a play-by-play breakdown of the heist and identified three more compromised accounts involved in spreading the attack: Dana.eth, who also claimed to be a BAYC founder, sports journalist Gavin Quinn, and musician Mila.
An account called “NFTEthics” also identified business journalist Todd Wasserman as having had his account compromised in the scam.
Just for the avoidance of doubt. The verified account @BhawanaCAN is an obvious scam promoting an “Ape Coin airdrop” and also the verified account of @ToddWasserman has been hacked and used for scamming. Almost nothing is what it seems, and if it seems too good to be true, it is. pic.twitter.com/skw6d6jnFi