The hackers targeted several users with Bored Ape Yacht Club profile pictures on Instagram to get them to rent out the NFTs.
According to a recent report, metaverse platform, The Sandbox had its Instagram account compromised as hackers attempted to rent Bored Ape Yacht Club Non Fungible Tokens (NFT) from its followers. A brief investigation disclosed that the attackers bypassed the two-factor authentication and other security measures on the account. After getting access, they changed the website’s URL with a link leading to a malicious site.
“Our Instagram account has been compromised 1 hour ago – despite 2FA and more protections. We’ve notified Instagram to resolve this. Do NOT click on the new link on The Sandbox Instagram account bio or fake ‘Season 4 Raffle Stay SAFE and alert.’ Thanks for reporting,” tweeted Sebastien Borget, Sandbox co-founder and chief operating officer an hour after the account was hacked.
One user claims to have lost NFTs after clicking on the compromised link. Those who followed the link stated that they were prompted to connect their web-based wallets to stand a chance of winning a raffle.
On top of this, the hackers targeted several users with Bored Ape Yacht Club profile pictures on Instagram to get them to rent out the NFTs. According to Borget, the hackers offered 40 ETH to use the BAYC NFTs for 24 hours.
The account was recovered a few hours later. However, the stories promoting the fake giveaways were still live for hours.
“Instagram account recovered. The hacker tried to rent Bored Apes Yacht Club NFTs – using our account. We would NEVER ask via DM and have contacted all users to notify them,” said Borget.
It can be recalled that the Bored Ape Yacht Club had its Instagram account hacked similarly. Hackers stole over $2.8 million worth of NFTs after redirecting followers to a scam website.
The Sandbox is a renowned platform in the world of the metaverse, having sealed partnerships with several celebrities including Paris Hilton and Snoop Dogg. Also, Adidas and other companies have launched NFTs wearables, etc compatible with The Sandbox.
The past couple of weeks have seen multiple attacks in the crypto and Web3 industry with Nomad bridge having 41 wallet addresses drained by hackers. Similarly, several Solana-based wallet addresses lost almost $8 million worth of cryptos. An attack on ZB.com also saw the exchange losing about $4 million in cryptos.
Excellent John K. Kumi is a cryptocurrency and fintech enthusiast, operations manager of a fintech platform, writer, researcher, and a huge fan of creative writing. With an Economics background, he finds much interest in the invisible factors that causes price change in anything measured with valuation. He has been in the crypto/blockchain space in the last five (5) years. He mostly watches football highlights and movies in his free time.