An NFT collector has lost millions of dollars’ worth of NFTs in an apparent phishing attack.
NFT Collector Targeted With a Phishing Attack
Toddkramer.eth, a New York-based art curator and NFT collector, reported that 16 of his prized tokens were stolen today in an apparent phishing attack.
The collector was hacked after clicking on a phishing contract disguised as a genuine NFT dApp and authorizing the contract to spend tokens on his behalf. While the hacker successfully sold several stolen NFTs on OpenSea, others were frozen by the platform upon Kramer’s request and may be returned to him.
Overall, 16 NFTs were from three different collections were taken out of his wallet, including eight Bored Ape Yacht Club NFTs, seven Mutant Ape Yacht Club NFTs, and one CloneX NFT. Based on floor prices, Crypto Briefing estimates the value of the stolen assets to be approximately 593 ETH, or roughly $2.2 million.
Bored Apes represented the largest share of the stolen assents, estimated to be worth about 497 ETH. Kramer’s Mutant Apes NFT collection was worth about 79.1 ETH; he also owned a CloneX NFT that the hacker sold on OpenSea for 17 ETH.
There have been a number of hacks on NFT collectors reported this month. Last week, a user going by AhChooo reported being scammed out of two NFTs–a Mutant Ape and a Cool Cat. Then, on Sunday, another NFT investor, bergpay.eth, posted on Twitter that someone had transferred 5 Jungle Freaks NFTs out of their wallet, altogether valued at 1.3 ETH at current floor prices.
In December, there were other instances where collectors of Bored Ape Yacht Club NFTs made costly errors. One owner made the mistake of selling a $300,000 Bored Ape NFT for just $3,000. Another owner erroneously transferred his Bored Ape token to a derivative project he was unfamiliar with.
2021 saw an explosion of investment activity in the NFT market, particularly among retail investors. However, recent debacles indicate that many NFT collectors could still benefit from additional education regarding digital asset security.
After getting hacked today, Todd Kramer said he had learned a major lesson and advised others to use a hardware wallet in order to protect their assets against hacks.
Disclosure: At the time of writing, the author of this piece owned ETH and several other cryptocurrencies.