The vast majority of the funds were stolen from a single wallet, which had $751,321.80 USDC drained from the malicious link.
On January 27, Azuki, a popular nonfungible token (NFT) project, had its Twitter account hacked, resulting in hackers stealing over $750,000 in USD Coin by posting a malicious “wallet drainer link” disguised as a virtual land mint.
According to Etherscan data provided to Cointelegraph by crypto wallet security firm Wallet Guard, hackers stole $751,321.80 USDC from a single wallet within half an hour of the malicious links being tweeted.
The data also revealed that hackers stole an additional $6,752.62 in USDC from wallets containing 11 NFTs and over 3.9 Ether Wallet Guard stated that the total amount stolen was $758,074.42.
On Jan. 27, Emily Rose, community manager for the anime-inspired NFT project, confirmed via Twitter that the Azuki account had been hacked, warning users not to click any links from Azuki’s Twitter account.
On a Twitter Space hosted by Wallet Guard on Jan. 27, Azuki’s head of community and product manager Dem explained that scammers were able to “post a wallet drainer link” after gaining control of Azuki’s Twitter account.
Dem advised users to “remain safe and suspicious” while the team attempted to reclaim control of the account.
Azuki tweeted several hours later that it had regained control of its Twitter account:
Rose and Dem confirmed this by retweeting the announcement.
Chiru Labs, the company behind Azuki, said in a statement to Cointelegraph that the team is “currently in contact with Twitter and investigating the breach,” and that Azuki “will provide an update once we have more information.”
According to Ohm Shah, co-founder of Wallet Guard, “it doesn’t matter” if an account is official or verified; users should treat everything as suspicious until proven otherwise. “Don’t be the first person to click the link,” Shah advised. In Web3, it’s better to be paranoid than not.”
After regaining control of the account, Azuki reminded its followers in a tweet to always “go out on several channels” to confirm announcements.
It also stated that if in doubt, contact the Azuki “mod team” on Discord.
This comes after the Twitter account of stock trading platform Robinhood was compromised on January 25.
The hackers forced Robinhood users to pay $0.0005 each for a token called “RBH” on the BNB Smart Chain.
Before the tweet was removed, Conor Grogan, Coinbase’s head of product business operations, tweeted that at least ten people had purchased approximately $1,000 worth of the scam token.