Fake ApeCoin Airdrop scams unsuspecting users of $1 Million

Earlier this week, a twitter phising scam hacked verified accounts, and began promoting a phony ApeCoin airdrop which resulted in the loss of more than $1 million for victims.

Verified accounts were hacked in a Twitter phishing scam, and some of them had Bored Ape Yacht Club (BAYC) profile pictures. Through a phoney ApeCoin airdrop, the scam attempted to defraud crypto-savvy users of a little more than $1 million this week.

ApeCoin is a cryptocurrency that BAYC and Mutant Ape Yacht Club (MAYC) members can claim. ApeCoin DAO launched it, and the token will be used to power several BAYC spin-off projects.

The fake airdrop this week enticed victims with an ostensibly legitimate tweet from hacked accounts that read, “The Ape Coin launch was a huge success! We've decided to airdrop some more active NFT Traders/Holders as a group. If you don't already have NFTs, you can claim them for 0.33 ETH!”

The Ape Coin Airdrop Scam

One of the worst affected NFT collectors was Bored Alien Silver Ape. According to Etherscan, he lost over half a million dollars worth of BAYC and MAYC NFTs in the attack.

He immediately blamed an account named Bhawana Ghimire, which he assumed was named after the former CEO of the Nepal Cricket Association.

The verified account pretended to be a founder of BAYC.

Rip another Ape owner phished who has lost $500k worth of NFTs (BAYC, MAYC, & more)

Stop connecting your wallet & approving transactions on sketchy sites

Scammer address:https://t.co/ju4jS4a0fl pic.twitter.com/RIbytV0Atu

— ZachXBT (@zachxbt) March 25, 2022

AnChain.AI, a blockchain analytics account, detailed the heist and identified three more compromised accounts involved in the spread of the attack: Dana.eth, who also claimed to be a BAYC founder, Gavin Quinn, a sports journalist, and Mila, a musician.

(7/11) Another exploited account (@aarontcadena) appears to have lost NFTs with a combined value of more than 34 ETH, despite never connecting their wallet to the malicious link pic.twitter.com/MTdUjZZfPD

— AnChain.AI (@AnChainAI) March 22, 2022

Todd Wasserman, a business journalist, was also identified as having had his account stolen in the fraud by an account called “NFTEthics.”

Just for the avoidance of doubt. The verified account @BhawanaCAN is an obvious scam promoting an "Ape Coin airdrop" and also the verified account of @ToddWasserman has been hacked and used for scamming.
Almost nothing is what it seems, and if it seems too good to be true, it is. pic.twitter.com/skw6d6jnFi

— NFT Ethics (@NFTethics) March 24, 2022

Many verified personas, including NFT 365 podcaster Fanzo (@iSocialFanz), were conned out of their crypto holdings in addition to the commandeered accounts.

Fanzo worked for the US Department of Defense for a decade, specializing in cybersecurity, and despite never opening the malicious link, his wallet was compromised.

(5/11) Included among the accounts being spammed was @iSocialFanz (aka Fanzo), host of the @NFT365Podcast, and someone who is quite technical (having spent a decade with the U.S. DoD focused on cybersecurity) pic.twitter.com/1OucPWFqvR

— AnChain.AI (@AnChainAI) March 22, 2022

Similarly, despite never connecting his wallet to the bogus URL, Aarontc.eth lost nearly 34 Ethereum worth of NFTs.

(6/11) Oddly, Fanzo appears to have had his wallet exploited despite never clicking the malicious link pic.twitter.com/lmnY9JiXZJ

— AnChain.AI (@AnChainAI) March 22, 2022

All of the accounts that had been compromised appear to have been returned to their owners. Until then, the scam had proven to be a profitable endeavour for the perpetrator, who had apparently made over $1 million in cryptocurrency.