Yuga Labs’ BAYC, OtherSide Discord groups breached, over 145 ETH stolen

Published at: June 5, 2022

Yuga Labs, the creator of two of the most popular ape-themed nonfungible token (NFT) offerings — Bored Ape Yacht Club (BAYC) and OtherSide — witnessed yet another orchestrated phishing attack, with investors losing over 145 Ether (ETH) or nearly $260,000 at the time of writing.

OKHotshot, a blockchain detective and a member of the Crypto Twitter community, alerted crypto investors about the compromise of two official Discord groups linked to BAYC and OtherSide NFTs.

BAYC & OtherSide discords got compromised‼️Seems because Community Manager @BorisVagner got his account breached, which let the scammers execute their phishing attack. Over 145E in was stolen Proper permissions could prevent this pic.twitter.com/lCl2DfZQ0W

— OKHotshot (@NFTherder) June 4, 2022

According to OKHotshot’s investigations, the attack was conducted by hacking into the Discord account of Boris Vagner, community and social manager at Yuga Labs. 

After gaining unrestricted access to the employee’s account, scammers shared various phishing links from Vagner’s Discord account into the official BAYC, Mutant Ape Yacht Club and Otherside groups.

Many users in the Discord groups, unwary about the ongoing scam, fell for the phishing messages that promised limited-quantity giveaways made available for existing NFT holders — as evidenced by the above screenshot.

Concluding the investigation, OKHotshot revealed the wallets that held and transferred the recently compromised NFTs, making it the second time BAYC fell victim to an attack in as many weeks.

Yuga Labs has not yet responded to Cointelegraph’s request for comment.

Related: NFT owners reminded to be vigilant after 29 Moonbirds were stolen by clicking a bad link

On May 25, a Proof Collective member lost 29 high-valued Ethereum-based Moonbirds NFTs worth $1.5 million amid an ongoing scam.

29 Moonbirds were just stolen in a hack. ~750e (~$1,500,000) in value lost by clicking on a bad link.Sickening seeing stuff like this. Let this be a reminder to never ever click on links and to bookmark the marketplaces/trading sites that you use. pic.twitter.com/7iWO5LMovL

— Cirrus (@CirrusNFT) May 25, 2022

While the total damage around this hack remains unclear, the recent crypto scams are a harsh wake-up call for NFT owners to exercise caution when dealing with third-party platforms and to double-check anything shared by others, even if they appear trustworthy.

Tags
Nft
Related Posts
Etherscan, CoinGecko warn against ongoing MetaMask phishing attacks
Popular crypto analytics platforms Etherscan and CoinGecko have parallelly issued an alert against an ongoing phishing attack on their platforms. The firms began investigating the attack after numerous users reported unusual MetaMask pop-ups prompting users to connect their crypto wallets to the website. Based on the information disclosed by the analytics firms, the latest phishing attack attempts to gain access to users’ funds by requesting to integrate their crypto wallets via MetaMask once they access the official websites. Security Alert: If you are on the CoinGecko website and you are being prompted by your Metamask to connect to this site, …
Blockchain / May 14, 2022
STEPN impersonators stealing users' seed phrases, warn security experts
Peckshield, a prominent blockchain security firm, exposed the existence of numerous phishing websites for the Web3 lifestyle app STEPN on Monday. Hackers insert a forged MetaMask browser plugin through which they can steal seed phrases from unsuspecting STEPN users, according to Peckshield. When these cybercriminals obtain the seed phrase, they gain complete control over the STEPN user's dashboard where they may connect their stolen wallets to their own or "claim" a giveaway as per Peckshield. #PeckShieldAlert #phishing PeckShield has detected a bath of @Stepnofficial phishing sites. They insert a false Metamask browser extension leading to stealing your seed phrase or …
Adoption / April 25, 2022
5 sneaky tricks crypto phishing scammers used last year: SlowMist
Blockchain security firm SlowMist has highlighted five common phishing techniques crypto scammers used on victims in 2022, including malicious browser bookmarks, phony sales orders and trojan malware spread on messaging app Discord. It comes after the security firm recorded a total of 303 blockchain security incidents in the year, with 31.6% of these incidents caused by phishing, rug pull or other scams, according to a Jan. 9 SlowMist blockchain security report. Malicious browser bookmarks One of the phishing strategies makes use of bookmark managers, a feature in most modern browsers. SlowMist said scammers have been exploiting these to ultimately gain …
Blockchain / Jan. 10, 2023
Mintable pledges to return NFTs stolen in OpenSea exploit
Major nonfungible token (NFT) marketplace OpenSea announced a service upgrade on Saturday, which requested that users migrate their listed assets from the Ethereum (ETH) blockchain to a newly created smart contract. However, in the hours that followed, 32 users of the platform became victims of a targeted email phishing attack which resulted in an anonymous entity stealing $1.7 million worth of ETH. OpenSea CEO, Devin Finzer published a tweet thread explaining that the breach was orchestrated via fake email scams which assured users of their OpenSea identity, convinced them to sign a digital message with their wallet, and therefore unknowingly …
Blockchain / Feb. 23, 2022
MetaMask issues scam alert as NameCheap hacker sends unauthorized emails
Popular crypto wallet provider MetaMask warned investors against ongoing phishing attempts by scammers attempting to contact users through NameCheap’s third-party upstream system for emails. On the evening of Feb. 12, web hosting company NameCheap detected the misuse of one of its third-party services for sending some unauthorized emails — which directly targeted MetaMask users. Namecheap described the incident as an "email gateway issue." ⚠️MetaMask does not collect KYC info and will never email you about your account! Do not enter your Secret Recovery Phrase on a website EVER. If you got an email today from MetaMask or Namecheap or anyone …
Blockchain / Feb. 13, 2023