NFTs Security

NFT-Linked Hack Is On The Rise Again: Bored Ape Yacht Club Reports New Case

Pinterest LinkedIn Tumblr

Cyberattacks involving non-fungible tokens (NFTs) are on the rise. Since early 2022, a succession of hacks have been recorded, the most recent being the case of Bored Ape Yacht Club (BAYC).

BAYC Discord Server Under Cyber Attack

According to confirmation from the BAYC team, the project’s official Discord channel was attacked by an anonymous hacker.

The fraudster had exploited the platform’s vulnerabilities and got access to Bored Ape Yacht Club (BAYC), Mutant Ape Yacht Club (MAYC), and Mutant Ape Kennel Club (MAKC).

These 3 collections are under Yuga Labs’ management. The conduct was initially identified as a phishing attack.

Shortly after discovering the incident, the BAYC team issued a warning on Twitter, advising users not to engage in any transactional activities on Discord and adding that other Discord boards were also under cyber attack.

To wit,

“STAY SAFE. Do not mint anything from any Discord right now. A webhook in our Discord was briefly compromised. We caught it immediately but please know: we are not doing any April Fools stealth mints/airdrops etc. Other Discords are also being attacked right now.”

PeckShield provided additional information about the case. According to the blockchain security and data analytics firm, after gaining access to the Discord channel, the hacker posted a fraudulent link in Mutant Ape Kennel Club and stole the Mutant Art Yacht Club #8662.

It’s apparently a phony phishing link intended to steal money from users’ wallets.

The NFT belonged to the well-known Taiwanese artist Jay Chou, as the community swiftly discovered.

Jay Chou verified the fraud in an Instagram post. Unfortunately, the celebrity stated that other NFTs in his possession, including BAYC # 3738 and two Doodles NFTs, had been stolen.

It’s not looking like a good week for Jay Chou.

Hackers, Hackers Everywhere

A similar tactic was recently used to target the freshly launched NFT project Rare Bears.

The hacker took over the project’s Discord channel, provided a phishing scam link, and stole $800,000 in NFTs early on.

According to Peckshield’s investigation, the attacker allegedly took 179 NFTs, including Rare Bears and other NFTs from other collections, including CloneX, Azuk, and 6 LAND tokens used for The Sandbox’s Metaverse, among others.

According to on-chain research, the hacker sold the majority of the NFTs, earning him 286 ETH, which is worth more than $795,500.

The majority of it is routed through the Tornado Cash crypto mixer to conceal the source of funds.

On March 29, Ronin Network, Sky Mavis’ blockchain network designed for the game Axie Infinity, verified a hacker attack and made two money transactions.

The entire amount stolen was 173,600 ETH and 25.5 million USDC, which amounted to $615 million.

The attack is recognized as the largest in DeFi history, and it elicited conflicting comments within Axie Infinity gaming communities.

However, Sky Mavis, the developer of the game Axie Infinity, has announced that the team will reimburse players affected by the attack, which cost Ronin’s network $615 million.

Some of the stolen funds were transferred to centralized exchanges such as Huobi and FTX by hackers.

When dealing with substantial sums of money, all of these exchanges require KYC, allowing the attacker’s identity to be verified.

Digital asset exchange and projects are settings where investors can purchase, sell, trade, and store digital assets.

A growing number of trustworthy exchanges are cropping up, contributing to the growth of the blockchain industry.

On the other hand, many criminal actors are beginning to consider exchanges as attractive targets.

Attacks on digital asset exchanges and projects not only harm investors’ assets but also negatively affect the firms’ reputations.

A similar wave of phishing attempts has hit Discord in recent months, implying that teams should pay closer attention to the security of admin accounts.




Important Note: There have been reports of scammers approaching companies via Telegram, LinkedIn and Other Social platforms purporting to represent Blockonomi and offer advertising offers. We will never approach anyone directly. Please always make contact with us via our contact page here.

Avatar
Author

Nicholas Say was born in Ann Arbor, Michigan. He has traveled extensively, lived in Uruguay for many years, and currently resides in the Far East. His writing can be found all over the web, with special emphasis placed on realistic development, and the next generation of human technology.

1inch Exchange
As Featured In
As Featured In