- A Bored Ape collector has lost 14 BAYC NFT to scammers
- The theft was after an elaborate month-long social engineering scheme
- Fake legal contracts, Twitter accounts and websites were some of the tools used
A Bored Ape collector has allegedly lost 14 of their NFTs worth over $1 million after an elaborate month-long social engineering scheme pulled off by determined scammers. Fake legal contracts and websites were some of the tools used to entice the collector, whose loss is proof that anyone, even those who know the space inside out, can get caught out.
Fake Contract, Website and Twitter Accounts
In a Twitter thread, cybersecurity analysts Serpent revealed the intricate details of the scam, which started by asking the victim identified as @_sevenseason to commercialize their Bored Apes by licensing one of their apes’ IP (intellectual property) rights.
🚨 Analysis of how a scammer stole 14 BAYCs worth over 852 ETH ($1.07 million) today through a month-long social engineering scam.
Here’s how it happened 🧵👇 pic.twitter.com/JJB2xSJyBQ
— Serpent (@Serpent) December 17, 2022
The scammer identified himself as Jason Brubeck and claimed to work for Los Angeles-based Forte Pictures as a casting director. Brubeck even had a fake company website ready with details of an upcoming “NFT-related film” further pulling the victim closer to their grip.
5/ and created fake BAYC/MAYC Twitter accounts who tweeted and interacted with people every day and pretended to have signed licensing deals for their NFTs with Unemployd. This was a long-term sophisticated scam, slowly building credibility over a long period of time. pic.twitter.com/8uFxAZ6UQG
— Serpent (@Serpent) December 17, 2022
Apart from a well-manicured fake website, the scammer used fake Twitter accounts impersonating the Bored Ape Yacht Club (BAYC) and Mutant Ape Yacht Club (MAYC) “who tweeted and interacted with people every day and pretended to have signed licensing deals for their NFTs.”
Scammers Only Needed a Signature
The victim was then sent a contract that they were supposed to sign using their wallet to officially allow “Forte Pictures” and its partners to use a single Bored Ape from their collection for the upcoming film.
7/ The scam website displayed a gas-less Seaport signature, which they claimed he needed to sign for the license. However, the signature actually created a private bundle listing of all of the victim’s BAYCs to the scammer for 0.00000001 ETH. pic.twitter.com/KBfqQxIA0h
— Serpent (@Serpent) December 17, 2022
Instead of licensing the IP rights, it initiated a private transaction with the sale price of all the BAYC’s in their wallet already set. In a tweet, @_Sevenseason said that they signed the contract “believing [they were] signing a licensing deal” only for their 14 Bored Apes to vanish into thin air.
I signed a message believing I was signing a licensing deal with The Unemployed @00hr00life and they stole every BAYC
— sevenseason (@_sevenseason_) December 17, 2022
The incident comes when the Donald Trump NFT collection, whose price increased 10X after listing, is courting controversy after an analyst disclosed that the former US president may have minted some of the NFTs before they were launched. There are also claims that some of the NFTs in his collection are not originals but random images downloaded from the internet.
