When the user confirmed the transaction, they transferred their three pricey apes to the scammer, receiving three worthless ones in return. NFT trader 0xQuit estimated the loss at around $587,000.
Scammer takes advantage of a platform's poor UX to steal several pricey Bored Ape NFTs
Amidst rumors of market manipulation, Waves' USD-based "stablecoin" loses peg, drops to $0.82
User loses £55,000 (~$72,000) to Trezor phishing email
The email in question appeared to be from Trezor, and claimed that users' funds were in jeopardy. It prompted them to download a new (fake) version of the Trezor wallet software, and when users entered their seed phrase to restore their wallet from a backup, it drained their crypto. "What a mug I am," wrote the affected user. "Had been building up my BTC for seven years and lost it in a few minutes' utter stupidity."
The Reddit post also included two follow-up edits, displaying the victim blaming that is common when users are hit with phishing scams and other attacks. The user wrote "Edit: yes I entered my keys, because I'm a twat Edit 2: a lot of people saying they'd never fall for it. I hope they're right."
- "I fell victim to the Trezor phishing scam" Reddit post on r/bitcoin
Attack on Inverse Finance results in a $15.6 million loss
Waves protocol Vires Finance loses $530 million after questionable withdrawals
Waves founder Aleksandr Ivanov blamed the withdrawals on outsiders. However, various crypto researchers believe they have identified Ivanov as the one behind wallets involved in the mass withdrawals. These allegations were later repeated by the FTX bankruptcy estate in an adversary lawsuit against Ivanov.
- "Waves founder’s role in lost $530m raises questions about who’s to blame", DL News
- Adversary case by FTX vs. Aleksandr Ivanov.
Taiwanese singer Jay Chou has Bored Ape stolen
The theft prompted security researchers at Check Point Research to investigate what ended up being a serious bug in Rarible, where malicious NFTs could execute JavaScript and trick users into signing a contract that would then empty their wallets.
- "Taiwanese star Jay Chou says Bored Ape NFT has been stolen by 'phishing website'", South China Morning Post
Class action lawsuit filed against "Let's Go Brandon" coin creators for alleged pump-and-dump
De Ford has named the LGB coin creators in the suit, as well as NASCAR, and promoters like Brandon Brown and Candace Owens.
Apparent scammers drop NFTs appearing to be from the Bored Ape Yacht Club project
Whoever was behind these transactions airdropped fake NFTs purporting to be a part of an upcoming BAYC metaverse land project, sending them to owners of pricey NFTs and various NFT influencers. It's not clear whether the NFT can perform malicious actions, or if any individuals have been impacted by it if so. However, part of the scam appeared to be to try to entice other users hoping to get in on the next new BAYC project to fall for a phishing scam. Tracing the transactions back showed an OpenSea profile with a fake "verified" badge and a mint link to what appears to be a phishing website, which invites people to connect their wallets to supposedly mint their own BAYC land NFTs.
Discord servers of several big-name NFT projects including Bored Apes and Doodles are compromised
Other Discords reported to be compromised include several other big-name projects including Doodles, which had previously endured a Discord compromise in late February. This particular compromise appeared to stem from a series of compromised Discord bots, including a very popular CAPTCHA bot used to fight spammers. It's unclear if anyone lost money to the fake links posted by seemingly-official Discord accounts, or how much, but these types of attacks often lure in at least some victims, and the higher-priced NFT projects like Bored Apes and Doodles enable scammers to ask for quite a lot of money without raising an eyebrow.