The BAYC Discord server hacked
Today, a number of members of the official discord server from Bored Ape Yacht Club (BAYC) had the unpleasant surprise of having their non-fungible tokens (NFTs) stolen.
According to the information currently available, it seems that it is the account of the BAYC community manager who is in question, the latter having a priori been hacked. The attacker(s) would then have used his account to spread a phishing link on the project’s Discord server.
🚨BAYC & OtherSide discord got compromised‼️
Seems because Community Manager @BorisVagner got his account breached, which let the scammers execute their phishing attack. Over 145E in was stolen
Proper permissions could prevent this pic.twitter.com/lCl2DfZQ0W
— OKHotshot (@NFTherder) June 4, 2022
According to current estimates, the amount of the larceny would amount to more than 145 Ethers (ETH), or approximately $256,000. The users concerned by the hack thus had the misfortune to click on the phishing link published by the official account of the community manager, which sent to a site encouraging you to connect your wallet in order to benefit from a exclusive gift “.
According to the security firm PeckShieldThose are 32 NFTs from several collections that were allegedly stolen, including 1 NFT from the BAYC, 2 mutant BAYCs, 5 NFTs from the Otherdeed metaverse and 1 NFT from the Bored Ape Kennel Club.
👉 On the same subject: 7 best practices to protect your cryptocurrency portfolio from a hack
The BAYC, the preferred target of hacks
Unfortunately, the risks of hacking, phishing and scams of all kinds often go hand in hand with the success of this or that project. In this case, the BAYC, which is probably the best-selling and most lucrative NFT project to date, is not its first hack.
Today’s attack reminds us of the sad episode at the end of April, broadly similar to today’s, during which a hacker managed totake ownership of the official Bored Ape Yacht Club Instagram account.
Promising to offer virtual courts in the Metaverse Otherdeedthe attacker had also submitted a link to the project’s official account, inviting users to connect their MetaMask wallet to the site. The total amount of loot was then around the $3 million.
Of course, we can only urge you to always check the addresses of the sites you are on if you have a wallet on your web browser, and this especially if you are prompted to connect it.
For the time being, no official press release has been issued either by the BAYC teams or by the project’s community manager.
👉 READ ALSO: Hack of artist Beeple’s Twitter account leads to over $400,000 in phishing theft