Azuki Twitter hacked, over $750,000 USD drained
This Friday, the Twitter account of Azuki was compromised and used to disseminate phishing links that resulted in the loss of over $750,000 USD in less than half an hour.
Azuki’s Twitter account was hacked
Last Friday, a shocking takeover of the popular Azuki NFT collection’s Twitter account led to a significant number of users falling victim to a scam that drained their wallets.
In a matter of minutes, over $750,000 worth of USDC, 11 NFTs, and more than 3.9 ETH were stolen through malicious links that were disguised as a “land mint” for the Azuki NFT project. The link led unwary users to a “drainer” contract instead of the real mint, which was a fraud that tricked them into authorizing a transaction that transferred money out of their wallets.
According to data provided by web3 security firm WalletGuard, a single user unknowingly sent over $750,000 worth of stablecoin USDC to the attacker’s wallet. NFT traders quickly realized that the suspicious Azuki tweets, referring to the fake “surprise mint,” indicated that the account had been compromised. Within an hour, the official Azuki Twitter account was removed from Twitter search results, and the malicious tweets were deleted.
The team is already on top of it and working to regain control
Azuki Community Manager Rose confirmed that the Azuki account had been compromised. MetaMask Security Researcher, Harry Denley, also noticed the scam almost immediately and said that MetaMask has since blocked the malicious domain. The Phantom wallet team has also marked the malicious domains as unsafe and alerted users who attempted to connect their Phantom wallets to the sites.
After the account was compromised, the Azuki Head of Community and Product Manager announced in a Twitter Space that the Azuki team was in touch with Twitter and working to regain control of the account. “We’re on top of the situation,” he said.
Not the first time for Azuki
Unfortunately, this isn’t the first time that the NFT collection has been targeted by scammers. In April 2022, a large number of compromised verified Twitter accounts with Azuki profile pictures promoted airdrop scams in an effort to capitalize on the anime-inspired brand. And earlier this week, the Twitter account of the trading platform Robinhood was similarly hacked to promote a crypto scam, but the hackers in this instance were only able to make away with roughly $8,000 in crypto.
Be careful when navigating through web3
The Azuki team is urging all users to be cautious and not to open any links in current tweets. They are also in contact with Twitter to address the attack and are working to restore their account.
As the incident continues to unfold, Azuki’s co-founder, Hoshiboy, has issued a statement regarding the hack. He confirmed that the Twitter account for the NFT collection Azuki was compromised on Friday afternoon, with the collection’s native metaverse platform, The Garden, being the subject of a fraudulent link that the account tweeted, encouraging followers to “claim land.”
In the meantime, Azuki’s Community Manager has also issued a warning to followers, urging them not to open any links in current tweets and to exercise caution when interacting with the Azuki account. Discord moderators have also advised members not to click on the link in Azuki’s bio as it still leads to a malicious website.
One attack among many
This is just the latest hack from what is becoming a very long list, serving as a reminder of the importance of cybersecurity and the need to be vigilant when interacting with any web3 smart contract. The Azuki team has promised to keep the community updated on the situation and to take measures to ensure the security of their platform and users’ assets.
It’s also a call for all crypto enthusiasts to take extra care when dealing with NFT and crypto on social media, particularly on Twitter, as bad actors are becoming more sophisticated and awareness is key to preventing falling for their scams.
The Azuki team is urging everyone to stay safe and to report any suspicious activity to their support team immediately, and claim to be committed to ensuring the security of their platform and the protection of their users’ assets.
