Most of the funds stolen were from a single wallet, with $751,321.80 in USDC drained from the malicious link.
Azuki, a popular nonfungible token (NFT) project, had its Twitter account compromised on Jan. 27, leading to hackers stealing over $750,000 worth of USD Coin (USDC) by posting a malicious “wallet drainer link” posing as a virtual land mint.
Hackers stole $751,321.80 in USDC from a single wallet within half an hour of the malicious links being tweeted, according to Etherscan data provided to Cointelegraph by crypto wallet security firm Wallet Guard.
The data also revealed that hackers stole a further $6,752.62 worth of USDC from various wallets holding 11 NFTs and over 3.9 Ether (ETH).
Wallet Guard stated that the total amount stolen was $758,074.42.
Emily Rose, community manager for the anime-inspired NFT project, confirmed via Twitter on Jan. 27 that the Azuki account was hacked, warning users not to click any links from Azuki’s Twitter account.
AZUKI OFFICIAL TWITTER ACCOUNT IS HACKED.
DO NOT CLICK LINKS FROM OUR ACCOUNT.
— Rose | | ⛩️NGL (@emilyrosemcg) January 27, 2023
Azuki’s head of community and product manager, Dem, explained on a Twitter Space hosted by Wallet Guard on Jan. 27 that scammers were able to “post a wallet drainer link” after gaining control of Azuki’s Twitter account.
Dem urged users to “stay safe and stay suspicious” while the team attempted to regain control of the account.
Several hours later Azuki stated that it had regained control of its Twitter account via a tweet:
1/ The @AzukiOfficial Twitter was compromised today. A series of malicious tweets were posted during the morning of Friday, Jan 27th (Pacific Time).
The team has regained control of the @AzukiOfficial Twitter.
— Azuki (@AzukiOfficial) January 27, 2023
This was confirmed by Rose and Dem retweeting the announcement.
Liz Yang, head of growth at Chiru Labs, the company behind Azuki, told Cointelegraph that the team is “currently in contact with Twitter and investigating the breach,” noting that Azuki “will provide an update once we have more information.”
Related: Hackers take over CoinDCX Twitter account, promote fake XRP ads
Ohm Shah, the co-founder of Wallet Guard, told Cointelegraph that “it does not matter” if an account is official or verified and users should treat everything as suspicious until proven otherwise. Shah noted:
“Don’t be the first person that clicks the link. It’s better to be paranoid in Web3 than not.”
Upon Azuki regaining control of the account, it emphasized to its followers in a tweet to always “go out on several channels” to confirm announcements.
It also noted to reach out to the Azuki “mod team” on Discord when in doubt.
This news comes after stock trading platform Robinhood’s Twitter account was compromised on Jan. 25.
The hackers pushed Robinhood’s followers to each pay $0.0005 for a token called “RBH” on the BNB Smart Chain.
Conor Grogan, the head of product business operations at Coinbase, tweeted that at least 10 people had purchased approximately $1,000 worth of the scam token before the tweet was removed.