The NFT community is reeling after the official Twitter account of the popular Azuki collection was compromised, resulting in one of the most damaging social media hacks in the space this year. Within just 30 minutes, a single attacker managed to steal over $750,000 worth of USDC, 11 NFTs, and 3.9 ETH from unsuspecting collectors who clicked on a malicious link posted from the verified account.
TL;DR
- Azuki’s official Twitter account was hacked on March 19, 2023
- Attacker stole over $750,000 in USDC, 11 NFTs, and 3.9 ETH in just 30 minutes
- Malicious link was disguised as a “land mint” for the Azuki NFT project
- MetaMask and Phantom wallets have flagged the malicious domains as unsafe
- Azuki team is working with Twitter to regain control of the account
The attack began when the compromised Azuki Twitter account posted what appeared to be an official announcement for a “land mint” — a new feature that many in the community had been anticipating. The gold-verified checkmark lent credibility to the post, and eager collectors rushed to participate in what they believed was a legitimate drop. Instead, the link directed users to a wallet-draining smart contract that siphoned funds and NFTs directly to the attacker’s wallet.
How the Attack Unfolded
The sophistication of the attack is particularly alarming. The hacker waited for a moment of high community engagement and leveraged the trusted Azuki brand to maximize the damage within the shortest possible window. By the time the community realized what was happening, the damage had already been done — a single user lost the vast majority of the stolen assets in what amounts to one of the quickest heists in NFT history.
The attacker specifically targeted USDC, a stablecoin pegged to the US dollar, which means the stolen funds retain their full value regardless of market volatility. With Bitcoin trading at approximately $28,000 and Ethereum around $1,785 at the time of the attack, the NFT market was experiencing renewed optimism following a prolonged bear market, making collectors more susceptible to FOMO-driven decisions.
Wallet Providers Respond Quickly
In the aftermath of the attack, major cryptocurrency wallet providers MetaMask and Phantom moved swiftly to protect users. Both platforms marked the malicious domains associated with the hack as unsafe, warning users who attempted to connect their wallets to the fraudulent site. This rapid response likely prevented additional losses, though the total damage from the single victim was already substantial.
The incident highlights the ongoing vulnerabilities in the NFT ecosystem, where the combination of social media verification and high-value digital assets creates a fertile ground for sophisticated phishing attacks. Even experienced collectors can fall victim when trusted accounts are compromised, as the line between legitimate project announcements and scams becomes increasingly blurred.
Azuki’s Response and Community Impact
The Azuki team confirmed they are in direct contact with Twitter’s support team in an effort to regain control of the compromised account. This is not the first time the Azuki project has been targeted by scammers, a pattern that reflects both the collection’s prominence and the persistent threat landscape in the NFT space.
The hack serves as a stark reminder of the risks inherent in the NFT market, where billions of dollars in digital assets change hands with minimal security infrastructure compared to traditional financial markets. As the space continues to mature, the need for better social media security protocols and user education becomes increasingly urgent.
Why This Matters
The Azuki Twitter hack underscores a fundamental vulnerability in the NFT ecosystem: the reliance on centralized social media platforms as primary communication channels. When a single compromised account can result in three-quarters of a million dollars in losses within minutes, the industry needs to rethink how projects authenticate announcements and how collectors verify their legitimacy. The incident also highlights the growing sophistication of NFT-focused cybercrime and the urgent need for multi-factor verification systems that go beyond platform-level checkmarks.
Disclaimer: This article is for informational purposes only and does not constitute financial advice. Always verify the authenticity of NFT drops through multiple official channels before connecting your wallet or sending funds.
$750K gone in 30 minutes because of a fake land mint link. if the verified badge wasn’t there this wouldn’t have worked. twitter verification was a security liability
metamask and phantom flagging the domains after the fact is useless. the damage was done in half an hour. we need preemptive link screening not post-mortem warnings
the gold checkmark turned twitter into an attack surface. paying for trust signals was always going to get exploited eventually
11 NFTs and 3.9 ETH stolen alongside the USDC. the attacker knew exactly what they were doing, timed it for max visibility
30 minutes and they grabbed $750K. the speed tells you it was prepped well in advance. probably had the contract ready and just needed the account access
verified badge + urgent time-sensitive mint = perfect scam combo. twitters blue check was supposed to mean authenticity not trust this link with your wallet
exactly. old blue check meant identity verification, new one just means you paid $8. completely different trust signal and scammers know it
land mint was the perfect bait. azuki holders been waiting for that announcement for months, of course they rushed in without thinking
nft_otel_ 30 minutes and $750K gone. the gold verification check on the compromised account gave the malicious link instant credibility. twitter verification was literally a vulnerability here
a fake land mint draining 11 NFTs and 3.9 ETH in half an hour. MetaMask and Phantom flagged the domains after the damage was done. reactive security in a 30 minute attack window is basically no security