The instagram account of Bored Ape Yacht Club NFT was hacked and the hackers shared a Fake Land mint website by their name to trap its users.
The hqckers also advertised a fake distribution of NFTs, known as an airdrop in the web3 world and tricked the users into clicking on a malicious link.
The hacker's Ethereum address also received 134 NFTs worth $2.7 million within few hours.
The club soon alerted its community and removed all links to Instagram from its platforms.
TPRM report: https://scoringcyber.rankiteo.com/company/bored-ape-yacht-club
"id": "bor1820522",
"linkid": "bored-ape-yacht-club",
"type": "Cyber Attack",
"date": "04/2022",
"severity": "100",
"impact": "5",
"explanation": "Attack threatening the organization's existence"
{'affected_entities': [{'industry': 'NFT, Blockchain',
'name': 'Bored Ape Yacht Club',
'type': 'Company'}],
'attack_vector': 'Phishing, Social Engineering',
'description': 'The Instagram account of Bored Ape Yacht Club NFT was hacked, '
'and the hackers shared a fake Land mint website to trap its '
'users. The hackers also advertised a fake distribution of '
'NFTs, known as an airdrop in the web3 world, and tricked '
"users into clicking on a malicious link. The hacker's "
'Ethereum address received 134 NFTs worth $2.7 million within '
'a few hours. The club soon alerted its community and removed '
'all links to Instagram from its platforms.',
'impact': {'brand_reputation_impact': 'Moderate',
'financial_loss': '$2.7 million',
'systems_affected': 'Instagram Account'},
'initial_access_broker': {'entry_point': 'Instagram Account'},
'motivation': 'Financial Gain',
'post_incident_analysis': {'root_causes': 'Social Media Account Compromise'},
'response': {'containment_measures': 'Alerted community and removed all links '
'to Instagram from its platforms'},
'title': 'Bored Ape Yacht Club NFT Instagram Account Hack',
'type': 'Phishing, Social Engineering',
'vulnerability_exploited': 'Social Media Account Compromise'}