BAYC Instagram Hack Leads to More Than $2 Million in Lost NFTs

BAYC Instagram Hack Leads to More Than $2 Million in Lost NFTs
In this post

On Apr. 25, a hacker took control of Bored Ape Yacht Club's (BAYC) Instagram, posted a link to a fake Yuga Labs land airdrop website, and stole more than $2 million from unsuspecting victims who connected their wallets to the site.

"Welcome to the land airdrop," the fake website reads. "You need to connect your MetaMask wallet before you can claim LAND."


The hacker's wallet address has been identified as "0x8c7934611b6ad70fbea13a1593de167a4689b9a9." It currently holds 14 total BAYC ecosystem assets worth at least 833 ETH, or rough $2.4 million. Of those 14 NFTs, seven are Mutant Apes, three are Kennel Club companions, and four are Bored Apes.

The most recent transfer of Mutant Ape Yacht Club NFT #3491 was only 20 minutes ago as of the time of this writing.

The hack also included CloneX and 76 other NFTs (91 NFTs in total), according to zachxbt.

The NFT community justifiably questioned the project's social media security practices, but BAYC co-founder Garga insisted on Twitter that security precautions were taken.

"We have two full-time security experts," he tweeted. "And the account practices on [Instagram] were tight."

What happens next is unclear.

"We will be in contact with the users affected and will post a full post mortem on the attack when we can," Garga said. "For now, I would like to stress that [two-factor authentication] was enabled on the [Instagram] account."

The official Bored Ape Yacht Club Twitter spoke about the incident, explaining that the hacker used a "safeTransferFrom" transaction to transfer the NFTs to their wallet. The team has regained control over the Instagram account and is investigating the issue.

If your account was compromised, BAYC asks that you reach out to them directly via email at They will NOT email you first.

The team also made clear that Instagram will never be their first form of communication for mints and announcements.

"We will also NEVER announce mints on the BAYC or Otherside Instagram accounts first, ever," the official BAYC Twitter account reads. "Only obtain information from our official Twitter accounts. These will be crossposted on the #announcements channel of BAYC Discord."

This concerning hack comes during the height of anticipation for Yuga Labs's upcoming land sale for its newly announced metaverse, The Otherside. And it serves as a reminder to always be wary of suspicious links and FOMO-driven mints and purchases. 

This is a developing story. Lucky Trader will update as information is released.

Disclaimer: The author or members of the Lucky Trader staff may own NFTs discussed in this post. Furthermore, the information contained on this website or the Lucky Trader mobile application is not intended as, and shall not be understood or construed as financial advice. AI may have assisted in the creation of this content.