“Do not mint anything from any Discord right now. A webhook in our Discord was briefly compromised. We caught it immediately but please know: we are not doing any April Fools stealth mints / airdrops etc. Other Discords are also being attacked right now.”
Bored Ape’s everywhere
The main issue was that the ticket tool for verifying users and pushing channel notifications got compromised. Users who click on these compromised links would be led to an illicit script that could steal users’ wallet details and NFTs.
Not just the BAYC Discord server, but other servers, including Doodles, Shamanzs, and Nyoki, who employ the same tool, experienced similar phishing messages.
After the attack, the servers were closed for new members. According to the blockchain security organization PeckShield, the attackers managed to drain the Mutant Ape Yacht Club #8662 NFT.
In addition, one BAYC #3738, one MAYC, and two NFTS from the doodle collection held by the Taiwanese pop singer Jay Chou were also looted.
NFT heists on the rise
NFT thieves are on fire as a single click of mistake from the user can loot their entire wallet. One after the other, the attackers are reinventing ways to fool investors and acquire their assets.