There’s a good reason hackers are constantly targeting Yuga Labs, as its Bored Ape Yacht Club collection has become an established platform garnering thousands of users on a regular basis. Ari Redbord, Head of Legal Affairs for Blockchain intelligence company TRM Labs, said it’s “not a surprise” that Yuga Labs was victimized given its comprehensive NFT collection, the majority of which have been traded for upwards of hundreds of thousands of dollars worth of cryptocurrency (via Yahoo). That said, Redbord urged users to be extra cautious and to report such scams as these operations are now “becoming more and more organized.”
TRM Labs highlighted the various phases that may take place in NFT phishing scams, which can come in various forms. This includes emails, DMs in Discord or similar messaging platforms, ads in virtual wallets, and even impersonated staff of NFT exchange platforms. Hackers pressure victims to act fast by luring them with valuable NFTs that turn out to be non-existent. Afterward, attackers then utilize a bait-and-switch contract, which lets victims sign a fake contract that tricks them into thinking their gaining ownership of the so-called NFT, in order to gain access to their wallets.