How a BAYC Owner Was Tricked into Swapping His Bored Ape NFT Worth $570K for Worthless Jpegs

By | April 6, 2022



Another Bored Ape Yacht Club (BAYC) owner has fallen victim to a social engineering attack targeting holders of premium non-fungible tokens (NFTs).

In this case, the victim thought they were swapping their reasonably rare Bored Ape and Mutant Apes for other high-value apes only to receive worthless Jpegs in exchange. The incident once again highlights the need for owners to bluechip NFTs to painstakingly verify before approving transactions.

How the Fake NFT Swap Happened

NFT enthusiast 0xQuit first brought the story to light in a Twitter thread published on Tuesday. According to the details provided, one Bored Ape holder dubbed “s27” entered into an NFT swap with the scammer on the swapkiwi platform.

Swapkiwi is an NFT swapper that allows users to barter their collectibles in one transaction. To do so on a platform like OpenSea would require significant gas fee payments. This is because the participants would have to list and transfer the NFTs.

S27 was, however, unaware that the other participant in the trade was a rogue actor. While s27 put up BAYC #1584 and two Mutant Ape Yacht Club (MAYC) NFTs — #13168 and #13169 — the scammer put up knock-off NFTs.

The rogue actor took advantage of inadequate verification protocols of the swapkiwi platform to engineer the scam. Swapkiwi does not have a feature that allows users to verify NFTs, and the checkmark used by the platform can be spoofed easily.

Leveraging on these flaws, the scammer was able to create fake Bored Ape NFTs and trick s27 into thinking they were real. Once the swap happened, the rogue actor had NFTs worth over $570,000 while s27 was left with worthless photoshopped fakes.

The scammer in question immediately dumped the NFTs, selling them at a little lower than the floor price of their respective collections.

Lessons Learned

Swapkiwi did react to the scam transfer by stating that it was working on improvements to its website that will prevent such things from happening in the future. NFT and other Web3 platforms have been known to have significant user experience (UX) issues that have led to massive losses.

Earlier in the year, an OpenSea bug caused some NFT owners to have their collectibles sold at previous listing prices that ended up being lower than the current fair value.

The incident once again shows that BAYC holders, as well as owners of other high-value NFTs, will continue to be targets of scammers and rogue actors.

While celebrities flock to the NFT space and acquire bluechip collections like BAYC, holders continue to fall victim to phishing and other social engineering attacks. Some holders have been tricked into selling their Bored Apes for as little as $115.

SPECIAL OFFER (Sponsored)

Binance Free $100 (Exclusive): Use this link to register and receive $100 free and 10% off fees on Binance Futures first month (terms).

PrimeXBT Special Offer: Use this link to register & enter POTATO50 code to receive up to $7,000 on your deposits.





Source link