Disclaimer: Information found on CryptoreNews is those of writers quoted. It does not represent the opinions of CryptoreNews on whether to sell, buy or hold any investments. You are advised to conduct your own research before making any investment decisions. Use provided information at your own risk.
CryptoreNews covers fintech, blockchain and Bitcoin bringing you the latest crypto news and analyses on the future of money.
An NFT trader suffered a loss exceeding $145,000 in tokens due to a BAYC phishing scam, as reported on May 9 by the on-chain security platform PeckShield.
PeckShield disclosed that a trader identified as “tatis.eth” became a target of a phishing scheme executed by an attacker known as “PinkDrainer.” The malicious actor took three valuable BAYC NFTs – BAYC 7531, BAYC 6736, and BAYC 2100 – from the trader’s wallet.
The BAYC Phishing Scam That Led to the Loss of $145,000 Worth of NFTs
BAYC, or Bored Ape Yacht Club, consists of 100,000 Ethereum-based collectibles. These NFTs rank among the most prominent and costly in the market, showcasing profile images of bored cartoon apes with various expressions and attire.
#PeckShieldAlert ZachXBT has identified that tatis.eth has been a victim of a phishing attack, resulting in the theft of 3 #BoredApeYachtClub NFTs, specifically #BAYC #7531, #BAYC #6736, & #BAYC #2100.
The scammer #PinkDrainer has already liquidated the stolen #BAYCs for a total of approximately 48.5… pic.twitter.com/vU0EPndvRM— PeckShieldAlert (@PeckShieldAlert) May 9, 2024
A related report from ZachXBT indicated that the stolen NFTs were transferred to a phishing address named “Fake_Phishing328357” on May 8 at 5:47 PM UTC. Subsequently, the attacker sold the three NFTs for a combined total of 48.5 ETH, roughly equivalent to $145,000.
Source: Blockchain Data/ZachXBT
This incident is not the first occurrence involving the “PinkDrainer” scammer in such malicious activities. Cyvers Alerts, a real-time security alert service, recently reported a similar phishing incident where a victim’s wallet was drained of $92,800 worth of Ethereum to the same “PinkDrainer” address.
ALERTOur system just detected #PinkDrainer phished and address at https://t.co/WA1Jg18sbL
Victim lost $92.8K worth of $stETH.
Victim: https://t.co/NT0lpuIlPB
Scammer: https://t.co/RdUNZJ1F7W
Funds are funneled to https://t.co/hyH2yXD4Tmhttps://t.co/hyH2yXD4TmWant to keep… pic.twitter.com/1kbcI95PsK
— Cyvers Alerts
(@CyversAlerts) May 9, 2024
(@CyversAlerts) May 9, 2024In December 2023, the same group of hackers reportedly stole Chainlink (LINK) tokens valued at $4.4 million by deceiving users into authorizing transactions related to the “IncreaseAllowance” function.
Related Posts
During the fourth quarter of 2023, there were numerous reports of scammers impersonating legitimate platforms and protocols to gain transaction approvals and steal digital assets from unsuspecting users.
A significant case involved the JPEG’d NFT protocol, where the community had to address in October 2023 the emergence of multiple fraudulent platforms mimicking its offerings to obtain transaction approvals, thereby scamming users of their NFTs and digital assets.
Over $104 million Has Been Lost to Crypto Phishing And NFT Scams in 2024
The crypto sector has experienced substantial losses due to phishing attacks in the initial two months of 2024.
Data from Scam Sniffer indicates that approximately 97,000 users have fallen prey to these sophisticated scams, resulting in a cumulative loss of $104 million in cryptocurrencies. This was followed by a report indicating that $46.86 million worth of crypto was stolen in February 2024.
The Ethereum ecosystem has been particularly targeted, with $78 million of the total losses attributed to users’ Ether and ERC20 tokens being drained from their wallets.
The majority of these funds were lost due to unsuspecting users signing harmful signatures, such as “ERC20 Permit” and “increaseAllowance,” which provide attackers with unauthorized access to their assets.
Crypto News also reported in April 2024 that phishing campaigns were aimed at Etherscan users, with various advertisements being utilized for malicious activities.
Scam Sniffer’s analysis revealed that cybercriminals have been exploiting social media platforms, especially X (formerly Twitter), to entice unsuspecting victims to phishing sites.
These hackers post misleading comments under the X posts of targeted accounts, impersonating customer representatives and directing users to harmful websites where their assets are at risk.
While the losses in the first two months of 2024 are alarming, they represent only a small portion of the $300 million in total funds lost by users to crypto phishing attacks throughout 2023.
The post NFT Trader Loses $145K To BAYC Phishing Scam appeared first on Cryptonews.
