The majority of the stolen funds came from a single wallet, with the malicious link draining $751,321.80 USDC.
On January 27, a popular nonfungible token (NFT) project called Azuki had its Twitter account compromised. As a result, hackers posted a malicious “wallet drainer link” claiming to be a virtual land mint and stole USD Coin USDC worth more than $750,000.
According to Etherscan data, hackers stole $751,321.80 in USDC from a single wallet within a half hour of the malicious links being tweeted.
The data also showed that hackers also took $6,752.62 in USDC from a number of wallets that held 11 NFTs and more than 3.9 Ether ETH.
The total amount stolen, according to Wallet Guard, was $758,074.42.
On January 27, Emily Rose, the community manager for the anime-inspired NFT project, informed users not to click on any links from the Azuki Twitter account and confirmed the breach via Twitter.
Dem, Azuki’s head of community and product manager, stated on a Jan. 27 Twitter Space hosted by Wallet Guard that fraudsters were able to “post a wallet drainer link” after gaining control of Azuki’s Twitter account.
During the time that the team was attempting to regain control of the account, Dem advised users to “stay safe and stay suspicious.”
Azuki tweeted a few hours later that it had regained control of its Twitter account.
Rose and Dem retweeted the announcement to confirm this.
Azuki emphasized to its followers in a tweet that it would always “go out on several channels” to confirm announcements when it regained control of the account.
When in doubt, it also advised contacting the Azuki “mod team” on Discord.
This information comes after the Twitter account of the stock trading platform Robinhood was hacked on January 25.
The criminals coerced Robinhood’s adherents into paying $0.0005 each for a token known as “RBH” on the BNB Smart Chain.
Before the tweet was taken down, Coinbase’s head of product business operations, Conor Grogan, tweeted that at least ten individuals had purchased approximately $1,000 worth of the fake token.