Scam: They offer free cryptocurrencies and steal nearly a million dollars in funds

Several users reported a scam that seeks to steal funds under the fake ApeCoin offer. This is a hoax that was launched through Twitter profiles that appear as verified and offer to send this cryptocurrency within the framework of a AirDrop, a procedure within the crypto world that consists of giving coins or tokens to addresses of wallet to promote the launch of a new virtual currency. While this is a common technique in the world of cryptocurrencies, in this case everything was used as a hook to orchestrate a scam, which would have already caused more than a million dollars in losses.

ApeCoin is a new Ethereum token based on the popular NFT project Bored Ape Yacht Club (BAYC) and Mutant Ape Yacht Club (MAYC). It is believed that in the near future this cryptocurrency could become a payment method within the metaverse, the new evolution of the internet that will inhabit web 3, based on blockchain technology.

The cyberattackers hacked into a number of verified Twitter accounts, many of them with images of Bored Ape Yacht Club (BAYC) on their profile. This worked as a hook for users, interested in these tokens, to believe that it was a genuine proposal, when it is not.

The message that was circulated on hacked Twitter accounts reads as follows: “The launch of Ape Coin has been a great success! We have collectively decided to send a little more to active NFT Traders/Holders. If you don't currently own NFTs, you can claim with a commission of 0.33 ETH!”

Below is a link to a malicious site that was used to steal digital wallets. Several users are already affected. Among them is the NFT collector Bored Alien Silver Ape who claims to have lost more than half a million dollars in BAYC NFTs. He fell into the trap of a verified account that posed as a founder of that NFT collection.

For its part, a thread was published from the AnChain.AI account showing other compromised accounts that were used for the attack: these are the profiles of musician Mila, journalist Gavin Quinn and Dana.eth, who also identified himself as the founder of BAYC.

“A phishing attack involving hacked verified Twitter accounts was launched earlier this week,” they warned from the aforementioned account. The profiles that were identified as a vehicle to carry out this scam have already returned to their original users, but apparently the hackers have already managed to get over a million dollars worth of cryptocurrencies, according to the specialized site Decrypt.

How cyberattackers seized the opportunity to make this deception

The launch of ApeCoin was announced just a week ago and it was reported that 15% of this coin (which has a total supply of 1 billion units) would be released via airdrop to holders of the NFT Ape; either Bored Apes or Mutant Apes.

Airdrop is a method used by the creators of certain cryptocurrencies to reach a massive number of users, as there are millions of investors waiting to participate in an airdrop to get free crypto. This means that the project can gain fame in a short time, just by giving away a few tokens. This process is usually part of an initial coin offering (ICO) or the founding moments of each new crypto. The problem was that in the case mentioned this ad was used by the creators of ApeCoin to scam many users.

It is that taking advantage of the interest that aroused the news of the creation of the new token, some cybercriminals hacked verified Twitter accounts and created fake websites to steal funds. This is how messages like the ones mentioned above began to circulate, where these coins were offered for free and users were asked to enter a link to be able to get them. It was all a hoax.

As mentioned on other occasions, you should always be alert to messages that offer offers or gifts that circulate on the networks. While in this case it is true that the creators of the crypto had actually offered the possibility of accessing the former at no cost, through the procedure known as AirDrop, in this case that was used as a hoax. Then what to do? Always verify on official sites or accounts, report to specialized sites and always secure all accounts with second factor authentication to reduce the chances of losing valuable funds.

KEEP READING: