Millions Worth of Bored Ape Yacht Club NFTs Stolen; How to Keep Your Wallet Safe

NFTs are all the rage, but all of the new money invested also comes with new forms of hacking.

Many celebrities and regular folk alike have ventured into the realm of non-fungible tokens in recent years. While they are lauded as the future of technology, and an entirely new way of trading commodities, they come with some risks. The very nature of the blockchain and cryptocurrency world is decentralization. It’s about taking power away from large centralized institutions, such as banks, and giving the power to the individual, the investor, who has the power to buy, sell, and trade directly.

The user also is typically the sole holder of their private keys and therefore is responsible for keeping their coins and tokens safe. The very nature of decentralization, however, leaves some vulnerabilities in that there are less regulations and institutions set in place to help protect assets.

Bored Ape Yacht Club hack

One of the most recognized collections of NFT art is Bored Ape Yacht club. This collection of cartoon monkey images on the Ethereum blockchain, has gained recognition for its vast number of unique digital collectibles, and their rising value. On Monday, April 25, BAYC was hacked. A statement from a spokesperson claimed that, “Rough estimated losses due to the scam are 4 Bored Apes, 6 Mutant Apes, and 3 BAKC , as well as assorted other NTFs estimated at a total value of $3m.”

The hackers found a way into BAYC’s Instagram account and Discord server. This was used to post a fraudulent update advertising a LAND airdrop, with a link and a “safeTransferFrom.” When users clicked and submitted the form, the website stole their NFTs.

The company promptly posted on Twitter saying, “This morning, the official BAYC Instagram account was hacked. The hacker posted a fraudulent link to a copycat of the BAYC website with a fake Airdrop, where users were prompted to sign a ‘safeTransferFrom’ transaction. This transferred their assets to the scammer's wallet.” It went on to say, “There is no mint going on today. It looks like BAYC Instagram was hacked. Do not mint anything, click links, or link your wallet to anything.”

How to safely store your NFTs

Although much of the cryptocurrency technology is relatively new and frequently advancing, there are ways to beef up the security of your own private holdings. First off, sharing is not caring in the crypto world; never share your screen, private keys, recovery phrase or seed phrase with anyone. When it comes to minting, always confirm you are doing so on the verified website. You can also double check the contract address to see where the NFT was minted. It is also recommended to check the official Twitter and other social media platforms of the collection. Lastly, it is always a good idea to store your NFTs in a cold storage hardware wallet (Trezor and Ledger are popular ones). This keeps your private information stored in the actual device, which makes it much more difficult for hackers to access.

Bottom line

There are vulnerabilities in the evolving world of NFT technology, as seen in Monday’s Bored Ape Yacht Club hack. Use these best practices to keep your coins and tokens safe.