- Yuga Labs confirmed that the Bored Ape Yacht Club collection Discord server was hacked and 200 ETH worth of NFTs were stolen via a phishing attack.
- This attack is the third time a hacker has posed as an account managed by Yuga Labs to steal user funds, and the second on Discord.
- Blockchain detective OKHotshot estimates that approximately 145 NFTs were stolen, who managed to trace the stolen funds to four different wallets.
If you follow Bitcoin Mexico very closely, especially the introductory guide series, you will know what phishing is and how to avoid it, but for the purpose of review, phishing is a very common technique that relies on social engineering to steal information. or money.
In fact, Phishing translates into Spanish as ‘Fishing’ and this is precisely what they do Hackers psychologically manipulate their victims to get them to trust them and make security mistakes or hand over sensitive information.
This is not a new strategy but it has resonated quite a bit within the crypto community and the most recent attack has been against the largest NFT collection in the market.
YugaLabsthe group behind Bored Ape Yacht Club (BAYC) and OtherSide, confirmed that the Discord server of the most popular non-fungible token collection, BAYC, had been hacked and with it came a phishing attack that resulted in 200 stolen ETH in NFTs, roughly $360k US dollars.
BAYC is hacked for the third time
This attack is the third time a hacker has posed as an account managed by Yuga Labs to steal funds from users.
It all started when Twitter user OKHotshot, a blockchain detective, reported on the platform that the two official Discord groups linked to BAYC and Otherside NFT had been compromised on June 4 at 6:49 am.
In the OKHotshot report you can see images of the BAYC Discord channel where the administrator BorisVagner allegedly announcing the launch of another exclusive giveaway.
To access the launch, you had to go to a supposed “official website”. However, it was a phishing site. In other words, if a person accessed the link, they could lose important information such as their private keys or directly sign a contract in which their NFTs were transferred.
Thus, once the hackers gained access to Vagner’s Discord account, they sent phishing links to the official BAYC groups, Mutant Ape Yacht Club, and Otherside.
The message from the hacker posing as Boris Vagner, a social and community manager for Yuga Labs, demonstrates the techniques used for phishing. The objective is to provoke a feeling in the users that leads them to directly do what the message asks them to do and, therefore, they use phrases such as “please note that there are only limited quantities” or promises such as great gifts.
OKHotshot estimates that approximately 145 NFTs were stolen, who managed to trace the stolen funds to four different wallets.
BAYC addresses the situation
Nearly 11 hours later after the OKHotshot report, BAYC officially reported that their Discord servers had been compromised, and according to BAYC, “the team caught it and quickly addressed it,” but despite them, they estimated that 200 were affected. ETH to NFT.
They also assured that they were investigating what happened and asked all those affected to send an email to [email protected].
Phishing attacks are becoming more and more common within the crypto community. Consequently, we invite you to read the guide that provides information on how to take preventive measures.
You might be interested in: