Scammer takes advantage of a platform's poor UX to steal several pricey Bored Ape NFTs

[Image: Bored Ape #1584, an illustration of a light yellow ape with lidded eyes and yellow irises, blowing a bubble of gum and wearing a red t-shirt]

A trader who owned a Bored Ape and two Mutant Ape NFTs apparently reached a deal to trade them for three different Bored Ape NFTs. Because OpenSea doesn't support swapping NFTs directly, only buying and selling them for ETH, the traders used a lesser-known platform called KiwiSwap to do the trade. Like many platforms, KiwiSwap aims to help users spot faked NFTs by showing a "verified" badge — however, because the platform shows the badge overlaid on the NFT image, a scammer was able to create imitation Bored Apes that included the same checkmark as a part of the image, making them appear legitimate. KiwiSwap also does not include functionality that would allow a user to click through and verify that the NFT is the one it claims to be.

When the user confirmed the transaction, they transferred their three pricey apes to the scammer, receiving three worthless ones in return. NFT trader 0xQuit estimated the loss at around $587,000.
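
The weakness described above is that the trust indicator shared a layer with lister-controlled artwork. As an added example (not KiwiSwap's code), the sketch below derives verification from the token's contract address alone and flags tokens that claim a verified collection's name from another contract; the function names, registry and addresses are hypothetical placeholders constructed for illustration.

```javascript
// Constructed registry of verified collections, keyed by contract address.
// The addresses are placeholders, not the collections' real contracts.
const VERIFIED_COLLECTIONS = new Map([
  ["0x" + "a1".repeat(20), "Bored Ape Yacht Club"],
  ["0x" + "b2".repeat(20), "Mutant Ape Yacht Club"],
]);

// Trim, lowercase and collapse whitespace so comparisons ignore cosmetic differences.
const norm = (s) => String(s ?? "").trim().toLowerCase().replace(/\s+/g, " ");

// Badge status comes from the contract address only. The image and the
// collection name are supplied by whoever listed the token, so they are
// used to detect imitation, never to grant the badge.
function classifyToken(token, registry = VERIFIED_COLLECTIONS) {
  const contract = norm(token.contract);
  if (!/^0x[0-9a-f]{40}$/.test(contract)) {
    return { status: "invalid", reason: "malformed contract address" };
  }
  const collection = registry.get(contract);
  if (collection) return { status: "verified", collection };
  const claimed = norm(token.collectionName);
  for (const name of registry.values()) {
    if (claimed === norm(name)) {
      return { status: "impersonation", reason: `claims "${name}" from an unlisted contract` };
    }
  }
  return { status: "unverified", reason: "contract not in registry" };
}

// A swap is safe to confirm only if every incoming token is verified.
function reviewSwap(incoming, registry = VERIFIED_COLLECTIONS) {
  const results = incoming.map((t) => ({ tokenId: t.tokenId, ...classifyToken(t, registry) }));
  return { safeToConfirm: results.every((r) => r.status === "verified"), results };
}

// Constructed offer: one genuine token and one imitation whose artwork has a
// checkmark drawn into it. The image field is never consulted.
const sampleOffer = [
  { tokenId: "1", contract: "0x" + "A1".repeat(20), collectionName: "Bored Ape Yacht Club", image: "ape.png" },
  { tokenId: "2", contract: "0x" + "c3".repeat(20), collectionName: "bored ape  yacht club", image: "ape-with-checkmark.png" },
];
console.log(JSON.stringify(reviewSwap(sampleOffer), null, 2));
```

A platform rendering the badge from this result, outside the image area, would show the second token as an imitation regardless of what is drawn in its artwork.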