Question:

This spring the Bored Ape Yacht Club Discord and Instagram accounts were hacked. The hackers sent a phishing link to the community. As a result of this phishing scam, users lost some Bored Apes, Mutant Apes, and other assets.

How many NFTs were stolen?

What is the total value of all NFTs stolen?

Show the percentage of compromised wallets that bought back more NFTs from the same collection that was stolen.

Overview of essay:

> The Instagram account belonging to the BAYC NFT collection was hacked. A phishing link was sent out to users and designed to steal NFTs. According to Gizmodo, three million dollars worth of crypto was stolen from the victims.” Also “Bored Ape Yacht Club Discord compromised in $357,000 NFT phishing attack. “

This news has been spread all over the channels and social media. Crypto universe users got panic by reading these attack and phishing news. The popularity and value of stolen NFT collections attract the concentrations on this attack.

Now lets explore the attack and estimate the damages of this treat to users and community.

Approach:

• The phishing and attack date:

  block_timestamp between '2022-04-20' and '2022-04-26'

• The scam account that users sent their NFT:

  nft_to_address='0x8c7934611b6ad70fbea13a1593de167a4689b9a9'

• The count of stolen NFTs and unique Victims:

  count(distinct TOKENID) as count_nfts, count(distinct NFT_FROM_ADDRESS) as count_victims

• Value of stolen NFTs:

  Estimated by the average price of stolen NFT collections on OpenSea sale in the attack date

  select NFT_ADDRESS, avg(PRICE_USD) as USD_price from ethereum.core.ez_nft_sales where block_timestamp between '2022-04-20' and '2022-04-26'

  After that count_nfts*USD_price as Stolen_value

• Identification of NFT projects: left outer join ethereum.core.dim_labels z on x.NFT_ADDRESS=z.ADDRESS

  \

Key findings:

The summary of results related to the phishing and stolen NFTs have been listed as:

• The 132 NFTs from 45 unique victims have been stolen during this attack.
• The estimated USD value of this attack is about 2.76 million USD.
• From the count of NFTs point of view, most of the stolen NFTs not labeled but results get more interesting when we order the stolen NFTs based on the USD value of them.
• About 90% of stolen NFTs by considering their USD value belong to 5 NFT project.
• The Boredapeyachtclub is the most value piece by near 60% of stolen share.
• The list of most valuable stolen NFTs demonstrated in the table and based on this table, the most valuable ones are 4 boredapeyachtclub, 7 mutantapeyachtclub and 3 boredapekennelclub NFTs.
• Wants to know that are victims bought back more NFTs from the same collection that was stolen. The answer shown in the donut graph and according to it, about 22.2% of victims bought back NFTs from same collection and rest of victims did not bought NFTs.