Twitter Scam Uses Verified Accounts to Steal $1 Million in Fake ApeCoin Airdrop

Several hacked Twitter accounts began promoting a phony Ape Coin airdrop this week, resulting in the loss of more than $1 million for victims.

Mar 25, 2022

3 min read

Image: ApeCoin DAO

A Twitter phishing scam hacked verified accounts, some of which had Bored Ape Yacht Club (BAYC) profile pictures. The scam sought to defraud crypto-savvy users of a little more than $1 million this week through a phony ApeCoin airdrop.

For those who missed last week's news, ApeCoin is a cryptocurrency that can be claimed by BAYC and Mutant Ape Yacht Club (MAYC) holders. It was launched by ApeCoin DAO, and the token will power several spin-off projects from the BAYC franchise.

This week's fake airdrop lured victims with an ostensibly legitimate tweet coming from hacked accounts, which read, "Launch of Ape Coin has been a big success! We have collectively decided to airdrop some more to active NFT Traders/Holders. If you don't currently own NFTs, you can claim with a 0.33 ETH fee!"

The tweet then enclosed a link as bait for the scam.

Unpacking the Ape Coin airdrop scam

NFT collector Bored Alien Silver Ape was one of the worst affected. He lost over half a million dollars worth of BAYC and MAYC NFTs in the attack, according to Etherscan.

He immediately blamed an account called Bhawana Ghimire, a name possibly drawn from the former CEO of the Cricket Association of Nepal.

The verified account was masquerading as a BAYC founder.

Rip another Ape owner phished who has lost $500k worth of NFTs (BAYC, MAYC, & more)

Stop connecting your wallet & approving transactions on sketchy sites

Scammer address:https://t.co/ju4jS4a0fl pic.twitter.com/RIbytV0Atu

— zachxbt (@zachxbt) March 25, 2022

Blockchain analytics account AnChain.AI posted a play-by-play breakdown of the heist and identified three more compromised accounts involved in spreading the attack: Dana.eth, who also claimed to be a BAYC founder, sports journalist Gavin Quinn, and musician Mila.

(8/11) In addition to @danadentata & @pizza4liam, there was a third hacked verified account (@gavinquinn97) being leveraged, as can be seen below cc: @MelaniePopesco (and note the address shared by @theRealNFTKing; https://t.co/SJ80Pbz56J) pic.twitter.com/xnWyMbcoWC

— AnChain.AI (@AnChainAI) March 22, 2022

An account called "NFTEthics" also identified business journalist Todd Wasserman as having had his account compromised in the scam.

Just for the avoidance of doubt. The verified account @BhawanaCAN is an obvious scam promoting an "Ape Coin airdrop" and also the verified account of @ToddWasserman has been hacked and used for scamming.
Almost nothing is what it seems, and if it seems too good to be true, it is. pic.twitter.com/skw6d6jnFi

— NFT Ethics (@NFTethics) March 24, 2022

In addition to the commandeered accounts, many verified profiles were scammed out of their crypto assets, including NFT 365 podcaster Fanzo (@iSocialFanz).

Fanzo spent a decade with the U.S. Department of Defense, focusing on cybersecurity, yet even he had his wallet exploited, despite never clicking the malicious link.

(6/11) Oddly, Fanzo appears to have had his wallet exploited despite never clicking the malicious link pic.twitter.com/lmnY9JiXZJ

— AnChain.AI (@AnChainAI) March 22, 2022

Similarly, Aarontc.eth lost over 34 Ethereum worth of NFTs, despite never connecting his wallet to the malicious link.

(7/11) Another exploited account (@aarontcadena) appears to have lost NFTs with a combined value of more than 34 ETH, despite never connecting their wallet to the malicious link pic.twitter.com/MTdUjZZfPD

— AnChain.AI (@AnChainAI) March 22, 2022

All compromised accounts appear to have been returned to their owners' control.

Until then, though, the scam proved to be a lucrative venture for the assailant, as they reportedly raked in over $1 million in crypto.

Daily Debrief Newsletter

Start every day with the top news stories right now, plus original features, a podcast, videos and more.

Coin Prices