Bored Ape Yacht Club investors aren’t having a great start to the week. For the third time this year, hackers have been able to infiltrate Bored Ape social media communities. They’ve been using the platforms as an in to make dirty money. A heist worth $360,000 occurred over the weekend, leading to heavy losses for the unlucky victims. Now, investors are wondering whether parent company Yuga Labs will do a better job of shoring up its defenses.
The Bored Ape non-fungible token (NFT) collection is easily the biggest name in the asset class, drawing the admiration of some and the ire of others since launching just over a year ago. The months since have seen the collection of monkey-themed tokens appreciate to jaw-dropping levels; some of the 10,000 have sold for millions.
Much of the outside world continues to levy criticism at the idea of million dollar JPEGs. All the while, though, Yuga Labs has been slowly building out its offering to appease the fervent Ape-faithful. Multiple other collections have released, including the near-equally popular Mutant Ape Yacht Club. The company is also in the midst of its Otherside metaverse rollout, backed by a community-created Bored Ape (APE-USD) token.
This gradual widening of the Bored Apes brand is being met with adversity elsewhere, though, by way of hackers. As is the case with most blockchain projects, hackers and scammers are a constant threat. And as Yuga Labs is proving, it is less adept at preventing these scams than investors would like.
Bored Ape Hack Drains Investors of $360,000 in Assets
A Bored Ape hack over the past weekend makes for the third such attack on the community this year. Indeed, the collection’s fast track to blockchain stardom has painted a target on its back. This means rough seas for investors.
Over the weekend, a hacker was able to infiltrate the Bored Ape Discord community. Posing as Yuga Labs employees, the hacker was able to lure several investors to a fraud website meant to look like the official Bored Apes page. Some investors gave their wallet information freely to the website. The perpetrator then promptly removed assets from these wallets and ran off with them.
According to a post-mortem report supplied to InvestorPlace, blockchain security outfit CertiK says the hack was made possible through the theft of a Yuga Labs community manager’s account. The hacker took control of the account in order to implement its phishing scam; by making the website so close to the real Bored Apes site, the scam is all too convincing.
The attack marks the third one levied at Bored Apes this year. The first two came in April. While one saw a user infiltrate the Discord community, no assets were stolen. A second hack in late April saw a perpetrator access the project’s official Instagram page, using a similar phishing scam to steal 91 NFTs worth over $1.3 million. The most recent theft was not quite as successful, but it’s still shaking the community to its core. The hacker was able to steal 200 Ethereum (ETH-USD)-worth of Ape NFTs.
In the wake of the hack, Bored Ape co-founder Gordon Goner is criticizing Discord as a detriment to the Web 3.0 community. However, the comments are receiving backlash from others within the blockchain community, pointing out that Yuga hasn’t worked hard enough to secure its own community.
On the date of publication, Brenden Rearick did not have (either directly or indirectly) any positions in the securities mentioned in this article. The opinions expressed in this article are those of the writer, subject to the InvestorPlace.com Publishing Guidelines.