Azuki, a popular nonfungible token (NFT) project, had its Twitter account compromised on January 27 which led hackers to steal more than $750,000 in USD Coin (USDC) by posting a dangerous “wallet drainer link” as a virtual land mint.
Hackers stole $751,321.80 USDC from a single wallet within half an hour after the malicious link was tweeted, according to Etherscan data provided to Cointelegraph by crypto wallet security firm Wallet Guard.
The data also revealed that hackers stole $6,752.62 more than USDC from various wallets holding 11 NFTs and more than 3.9 Ether (ETH).
Wallet Guard reported that the amount stolen was $758,074.42.
Emily Rose, community manager for the anime-inspired NFT project confirmed via Twitter on January 27 that Azuki’s account was hacked, warning users not to click on links from Azuki’s Twitter account.
AZUKI’S OFFICIAL TWITTER ACCOUNT HACKED.
DO NOT CLICK ON LINKS FROM OUR ACCOUNTS.
RETWEET.
— Rose | | ⛩️NGL (@emilyrosemcg) January 27, 2023
Head of community and product manager Azuki Dem explained on Twitter Premises hosted by Wallet Guard on January 27 that scammers can “send a wallet drainer link,” after gaining control of Azuki’s Twitter account.
Dem urged users to “stay safe and remain suspicious” while the team tries to control their accounts.
A few hours later Azuki announced that he was able to regain control of his Twitter account via a tweet:
1 / Eng @AzukiOfficial Twitter was compromised today. A series of malicious tweets were sent in the early hours of Friday, Jan. 27 (Pacific Time).
The team has regained control @AzukiOfficial Twitter.
Details are below
– Azuki (@AzukiOfficial) January 27, 2023
This was confirmed by Rose and Dem retweeting the announcement.
Liz Yang, head of growth at Chiru Labs, the company behind Azuki, told Cointelegraph that the team is “currently in contact with Twitter and investigating the breach,” noting that Azuki “will provide an update once we have more information.”
related: Hackers took over CoinDCX’s Twitter account, promoting fake XRP ads
Ohm Shah, co-founder of Wallet Guard, told Cointelegraph that “it doesn’t matter” if the account is official or verified, the user should be treated with suspicion until there is more evidence. Shah noted:
“Don’t be the first person to click on that link. Better to be paranoid on Web3 than not.
After Azuki gained control of the account, he emphasized his followers in a tweet to always be “out on some channel” to confirm the announcement.
Also note to reach out to Azuki’s “mod team” on Discord when in doubt.
This news comes after the Twitter account of stock trading platform Robinhood was compromised on January 25.
Hackers forced Robinhood followers to each pay $0.0005 for a token called “RBH” on the BNB Smart Chain.
Conor Grogan, head of product business operations at Coinbase, tweeted at least 10 people had bought about $1,000 worth of the scam tokens before the tweet was deleted.