The attack resulted in the loss of three NFT BAYCs. The incident, which began at 17:47 UTC on May 8, transferred BAYC 7531 from tatis.eth to the phishing account. The attacker subsequently moved BAYC 6736 and BAYC 2100 to the same address.
The attacker, known as Pink Drainer, absconded with three NFT BAYCs at publication, selling them for 48.5 ETH, equivalent to USD 145,000. The sales were made on leading NFT marketplaces Seaport and Blur.
The incident follows previous reports of nefarious activity in the cryptocurrency industry. It was reported that in December 2023, the same group of hackers stole 4.4 million dollars worth of Chainlink ( LINK ) tokens.
The hackers used deceptive tactics by tricking users into authorizing transactions related to the “IncreaseAllowance” feature, resulting in a loss of 275,700 LINK.
Notably, such hacks became widespread in the fourth quarter of last year. Last October, JPEG, an NFT protocol, alerted its community to several malicious platforms mimicking its services to ensure transactions were approved before draining NFT users and digital assets.
Similarly, in December 2023, Flooring Protocol, a liquidity solution for NFT, fell victim to an exploit when its peripheral or multi-call smart contract was attacked. The attacker subsequently dropped the stolen NFTs. In response, protocol developers deployed a solution to address the vulnerability.