Notorious Hacker Steals 14 BAYCs Worth Over 852 ETH ($1.07 Million)
Over the weekend, a notorious hacker known as Jason Brubeck succeeded in stealing approximately 850 ETH ($1+ million) of the Bored Ape collection, leaving his victim completely devastated.
The news was initially turned off @hose, who had been able to track and identify the suspect’s activity with impressive precision through phishing tactics. Such gross fraud is a stark reminder of how important it is for all users to be vigilant when shopping for digital assets online.
Unraveling the breakup
Through a carefully planned attack involving intricate social engineering tactics, 14 of Bored Ape Yacht Club’s NFTs were stolen from the victim by the hacker.
According to @serpent, the hacker contacted the victim and asked to license IP rights for BAYC #2060. They claimed to be a casting director for Forte Pictures, an LA-based Emmy Award-winning company. While the studio exists, the alias the scammer used was fake.
The fraudsters pretended to make an NFT-related film called “The Return of Time” in collaboration with “Unemployed”. Unemployed was an “AI powered social IP platform for NFTs”, also a scam.
The hacker was able to trick the victim into signing port signatures/contracts outside of Opensea using a fake website to steal the Bored Ape Collection
NFT fraud reaches unprecedented levels this year
This year has seen a dramatic increase in the number of DeFi and NFT hacking attempts, with Bored Ape Yacht Club (BAYC) losing ETH 200 worth of digital assets early this year. However, a number of such cases include the famous Hollywood actor Seth Green.
These incidents are not exclusive to BAYC alone – many other popular ‘blue chip’ NFT pools have experienced similar security issues. Other notable victims include Zeneca, an NFT influencer, and PREMINT – an NFT registration platform – both fell victim to hacks in mid-July. In August, Solana wallet provider Phantom took swift action by introducing a new feature that fires spam sent through fraudsters’ NFTs, proving to be at the forefront of phishing prevention.
Prevention of NFT fraud
With the NFT market rising to over $40 billion in trading volume by 2021, it’s no shock that cybercriminals are using fraudulent NFT activities to target victims.
To prevent NFT fraud, it is important to understand what you are signing in order not to sign random signatures and transactions.
Serpent shared in his thread that NFT holders must always remember to use multiple wallets, verify identities and never sign arbitrary transactions or signatures if they want to protect their assets.