140 ETH stolen in Bored Ape Discord server hack

140 ETH stolen in Bored Ape Discord server hack

Poaching on the Bored Ape – The Bored Ape Yacht Club, created by Yuga Labs, is one of the collections of NFT the most coveted in the ecosystem. It is also one of the most expensive on the Ethereum (ETH) blockchain. A prize that continues to arouse covetousness, especially among hackers. Thus, the Bored Ape Yacht Club have been the target of a resounding new hack.

The Bored Ape (BAYC) victims of a new hack

Yuga Labs is by far the most prominent NFT studio inEthereum. Thus, the latter are at the origin of the famous collections Bored Ape Yacht Club or Mutant Ape. With a minimum price of 95.5 ETH and 19.45 ETH respectively, many users have only one dream: to get their hands on one of these precious NFTs.

Obviously, this rarity attracts the covetousness of hackers. Moreover, they have already tackled Yuga Labs projects on many occasions. Last April, the account Bored Ape’s official Instagram had been hacked. The attacker had managed to steal for the equivalent of $2.8 million in NFT.

A new affair unfortunately tarnishes the picture. Thus, on June 4, the Internet user @NFTherder specialized in on-chain analysis a alert the community of a new hack targeting Bored Ape.

According to his revelations, it would seem that the Yuga Labs community manager discord accountBoris Vagner, has been hacked.

Tweet announcing the hack – Source: @NFTTherder, Twitter

>> Play it safe, register on the reference of FTX crypto exchanges (affiliate link) <<

Thirty NFTs stolen in this phishing attack

After the account was corrupted, the attacker posted a message announcing a fake contest allowing Yuga Labs NFT holders to earn exclusive NFTs. This false announcement was provided with a link, leading to the site of the contest.

Unsurprisingly, the supposed contest link was actually a phishing link. This reproduced the exact site of Yuga Labs in order to fool users.

On the fraudulent site, the user is invited to sign a transaction to participate in the contest and hope to win a valuable NFT produced by Yuga Labs. In practice, this turns out to be a transaction allowing the attacker to spend the funds held by the address or take control of their precious NFTs.

In total, it seems that 11 addresses have fallen into the trap. This allowed the attacker to steal 1 Bored Ape Yacht Club, 2 Mutant Ape Yacht Club, 6 Otherdeeds, 1 Bored Ape Kennen Club and an twenty NFTs from other collections.

Obviously, once the NFTs were in his possession, the attacker hastened to sell them, at prices slightly lower than the minimum prices normally practiced. After making his sales, the striker was able to recover just under 140ETHor about $240,000 at the current price.

An attack carried out by an amateur?

Once the ETH was in his possession, the attacker dispersed the funds to multiple addresses. Then he forwarded part of it via the protocol Tornado Cash to cover the tracks.

One point remains surprising. Indeed, most of these addresses already have transaction histories. Usually, attackers favor blank addresses so as not to link their attack to their usual addresses. Perhaps this clumsiness will allow on-chain analysts to find the culprit.

For the moment, no announcement has been made on the side of Yuga Labs or Bored Ape to address the hack.

Unfortunately, this event is not isolated. Several NFT holders have recently been scammed, causing the loss of 29 Moonbirds worth about $1.5 million.

Stay away from spammers and scammers of all stripes, avoid too-good-to-be-true offers like the plague, and get into the habit of showing healthy suspicion. On the other hand, also learn to place reasonable trust in respectable and recognized players in the ecosystem. The FTX platform falls without a shadow of a doubt into this second category. Come acquire and trade your first bitcoins and other cryptocurrencies by registering on FTX. You will benefit from a lifetime discount on your transaction fees (affiliate link).

Leave a Comment

Your email address will not be published. Required fields are marked *