Hacker stole $2.7 million worth of NFT tokens from collector

Owners of collection tokens are increasingly becoming victims of hacker attacks. One of these collectors reported that the attacker was able to access his wallet and withdraw $2.7 million worth of NFTs.

Larry Lawliet told, which lost seven Bored Ape tokens, five Mutant Apes tokens, and one Doodle token. The total value of the stolen NFTs was at least $2.7 million. The hacker used social engineering to get Lawlit to grant access to the wallet.

The scheme of the theft turned out to be quite complicated – first, the hacker gained access to the Discord server of the collection of Moschi Mochi tokens and announced the release of a thousand additional NFTs. Lawlit decided to participate in the release of tokens and sent 0.49 ETH to secure it. But the hacker had a different goal – among the transactions for confirmation, he sent the victim a transaction to confirm full access to the wallet. Lawlit signed it along with the others, and the attacker was able to withdraw all the tokens from the victim’s wallet.

Computer security experts advise you to always check the details of the transaction, because if Lawlit were more careful about this, he would hardly have given the hacker permission to withdraw tokens. In addition, you can use “intermediate” wallets – store the main amount of assets at one address, and use another to interact with the outside world.

A similar incident occurred at the end of December last year. Then the curator of the New York gallery Ross + Kramer lost 15 NFTs from the Bored Ape Yacht Club and Mutant Ape Yacht Club collections, as well as one NFT CloneX, for a total of $ 2.2 million.