In a recent update, an NFT trader has reportedly lost more than $145,000 worth of Bored Ape Yacht Club (BAYC) NFTs to a phishing attack today. The news has sparked concerns across the NFT and broader cryptocurrency community, highlighting the growing rate of scammers that have rocked the crypto landscape.
A previous report from TheBlock revealed that over $104 million in crypto was lost to phishing attacks within the first two months of 2024, affecting about 97,000 users at the time. In January, about $57.7 million was lost and $46.8 million in February. With the latest occurrence, the value of lost digital assets keeps rising.
On-chain Data Spots More Than $145k Loss in Phishing Scam
Popular on-chain Web3 security platform, PeckShieldAlert has called our attention to a massive phishing scam involving a loss of more than $145,000 worth of Bored Ape Yacht Club (BAYC) NFT tokens. In a post on X, the aforementioned platform breaks down how it happened. According to the post, prominent blockchain sleuth, ZachXBT detected that an NFT trader known by ‘tatis.eth’ had fallen victim to the attack resulting in the loss of 3 BAYC NFT tokens.
The attacker identified as ‘PinkDrainer,’ stole the BAYC 7531, BAYC 6736, and BAYC 2100 collections, transferring them to the same phishing address labeled as ‘Fake_Phishing328357’ on May 8 at 05:47 PM UTC. Subsequently, the attacker sold the collections for 48.5 ETH, equivalent to $145k according to data from Etherscan.
#PeckShieldAlert ZachXBT has detected that tatis.eth has fallen victim to a phishing attack, resulting in the loss of 3 #BoredApeYachtClub NFTs, specifically #BAYC #7531, #BAYC #6736, & #BAYC #2100.
The scammer #PinkDrainer has already sold the stolen #BAYCs for a total of ~48.5… pic.twitter.com/vU0EPndvRM— PeckShieldAlert (@PeckShieldAlert) May 9, 2024
For context, phishing attacks involve scammers creating fake and fraudulent emails and websites, sending them to victims, and luring them to give away private information like their crypto wallet key details. These scammers go as far as impersonating reputable companies, offering fake tokens, and sometimes promising free money.
Meanwhile, this is not the only incident that has been linked to the PinkDrainer scammer. In a recent post on X, Cyvers Alerts a real-time security alert platform, reported a phishing scheme involving the loss of a significant amount of Ethereum. The victim’s wallet identified as ‘0x2b7c’ was drained of $92.8k worth of ETH to the PinkDrainer address ‘0x6360’ at approximately four hours ago from press time.
In particular, these hacks were common in the fourth quarter of last year. An NFT protocol called JPEG’d warned its community in October of last year about multiple fraudulent platforms that were imitating its offerings in an attempt to obtain transaction approvals before depriving users of NFTs and digital assets. Also, a similar issue affected Flooring Protocol, a liquidity solution for NFTs, in December 2023 when an attack was made against its multi-call or peripheral smart contract.
Credit: Source link