Ape-themed airdrop phishing scams are on the rise, experts warn

Published at: May 4, 2022

Cybersecurity experts identified and disclosed the rising popularity of airdrop phishing among crypto and nonfungible token (NFT) scammers.

Airdrops serve as an essential marketing tool for crypto projects, which involves sending free cryptocurrency tokens or NFTs to promote awareness among investors. However, a new report released by Malwarebytes Labs highlighted an alarming rise in airdrop phishing attempts as scammers try to cash in on the hype around Yuga Labs’ BAYC Ape-related NFT collection.

Airdrop phishing: what is it, and how is my cryptocurrency at risk? https://t.co/kWG09l06fi

— Malwarebytes (@Malwarebytes) May 3, 2022

Malwarebytes recorded that the most common airdrop phishing tactics involve the use of fraudulent websites portraying as one of the legitimate platforms, adding that “Apes are, of course, the hottest draw in town where Airdrop phishing is concerned.”

The report acknowledged the fraudsters’ rising interest in ape-themed phishing while citing the “variety of fake pages out there reflects this.”

The above screenshot shows a phishing attempt wherein scammers created a site asking visitors to claim up to 10 Bull and Ape NFTs. However, similar to any other phishing website, when a user tries to claim the seemingly lucrative offer, it prompts for a variety of password/recovery phrases:

“Does this really sound like something you want to hand over your recovery phrase to?”

In addition, Malwarebytes also warns about the rise in the “connect your wallet” airdrop phish wherein Twitter accounts with massive followers pose as popular projects such as Moonbirds project offering NFT airdrops.

As the crypto community notices and calls out such scams, the fraudsters tend to turn off replies to their tweets to prevent being exposed. In this case, the official verified Moonbirds account warned about the imposters.

BEWARE of scammers, we don't Instagram, have a public discord, or have any other URL other than https://t.co/py5fF2nTlX

— Moonbirds (, ) (@moonbirds) April 8, 2022

Malwarebytes’ advice resounds with the general security recommendations of not saying “yes” to everything a site asks for, concluding:

“If you start granting permissions, or signing transactions, you may find your wallet draining of funds.”

Related: ETH gas price surges as Yuga Labs cashes in $300M selling Otherside NFTs

As rightly pointed out in the Malwarebytes report, the hype around Yuga Labs’ NFTs is real. The latest launch of the “Otherdeed” NFTs, which saw each digital piece of land selling for 305 ApeCoin (APE), witnessed an instant sell-out.

The Otherdeed NFT mint is sold out - we are awestruck at the demand shown tonight. Apes and Mutants, the opening of the 21-day claim period is being delayed until the price of gas drops to reasonable levels. We’ll tweet when the claim opens. https://t.co/iRz64lklbv

— OthersideMeta (@OthersideMeta) May 1, 2022

As Cointelegraph reported, the sale resulted in an unprecedented but momentary spike in Ether (ETH) gas fees. Citing some of the issues related to using Ether during its NFT launch, Yuga Labs announced the need for ApeCoin to migrate to its own chain to scale properly.

Tags
Nft
Related Posts
Massive airdrop and AXS staking catapult Axie Infinity to a new all-time high
Airdrops have become the cryptocurrency ecosystem’s equivalent of stimulus checks over the past couple of years and further proof of this can be evidenced from popular protocols, like Uniswap and dYdX, that rewarded their early adopters with token drops that are now worth $30,000 to $2 million. The latest protocol to surprise its userbase with a wallet fattening airdrop was Axie Infinity (AXS), a blockchain-based battle game that has risen in prominence over the course of 2021 as users embrace its play-to-earn (P2E) gaming model. Data from Cointelegraph Markets Pro and TradingView shows that since bounding off a low of …
Adoption / Oct. 1, 2021
Early Ethereum Name Service (ENS) adopters rewarded with a hefty five-figure airdrop
Early adopters in the cryptocurrency market have once again been rewarded for their bravery and exploration after the popular Ethereum Name Service protocol, which issues nonfungible token that double as Ethereum addresses and web domains, distributed an airdrop for its new ENS DAO token. The resulting airdrop translated to an instant five-figure payday for many holders and there are those who would have registered multiple ENS addresses to multiple wallets, meaning some holders are in possession of a six-figure airdrop. It had been widely expected that an airdrop was in the works for members of the ENS community, especially because …
Adoption / Nov. 10, 2021
STEPN impersonators stealing users' seed phrases, warn security experts
Peckshield, a prominent blockchain security firm, exposed the existence of numerous phishing websites for the Web3 lifestyle app STEPN on Monday. Hackers insert a forged MetaMask browser plugin through which they can steal seed phrases from unsuspecting STEPN users, according to Peckshield. When these cybercriminals obtain the seed phrase, they gain complete control over the STEPN user's dashboard where they may connect their stolen wallets to their own or "claim" a giveaway as per Peckshield. #PeckShieldAlert #phishing PeckShield has detected a bath of @Stepnofficial phishing sites. They insert a false Metamask browser extension leading to stealing your seed phrase or …
Adoption / April 25, 2022
Bored Ape Yacht Club NFTs stolen in Instagram phishing attack
As told by Bored Ape Yacht Club (BAYC) developers on Monday, hackers breached the popular nonfungible token (NFT) collection’s official Instagram page and shared links to a fake airdrop with the project’s followers. Crypto enthusiasts who connected their MetaMask wallets to the scam website were subsequently drained of their Ape NFTs. It appears that the attack was planned to coincide with the one-year anniversary of the launch of the BAYC collection, thus increasing the “perceived credibility” of the phishing link. Unconfirmed reports on social media indicate that approximately 100 NFTs were stolen during the phishing attack. Based on data from …
Adoption / April 25, 2022
3 reasons why Bluzelle (BLZ) could be GameFi’s next unicorn project
The cryptocurrency market has had a less than stellar start to the year and it appears that the downtrend that began after the November 2021 market peak has been extended thanks to a multitude of negative developments, including the expectation of rising interest rates and the threat of a war between Russia and Ukraine. While many traders have little appetite to risk capital during bearish conditions, contrarian investors looking to buy while “there is blood on the streets” have several viable options with data from Cointelegraph Markets Pro indicating that Bluzelle, a decentralized storage network for the creator economy, is …
Adoption / Feb. 22, 2022