Less than two months after someone compromised the official Bored Ape Yacht Club to steal $2.4 million worth of NFTs, BAYC creator Yuga Labs is once again facing questions about its security measures. In the early hours of June 4th, a scammer ran a phishing attack that earned him 32 NFTs worth about 142 Ethereum . After obtaining a community manager’s credentials, the hacker reportedly used the official Bored Apes Discord to promote a fake giveaway exclusive to Bored Ape, Mutant Ape, and Otherside NFT owners.
🚨BAYC & OtherSide Discords have been compromised‼️
Seems because Community Manager @BorisVagner his account was hacked, allowing the scammers to carry out their phishing attack. Over 145 euros were stolen
Proper permissions could prevent this pic.twitter.com/lCl2DfZQ0W
— OKHotshot (@NFTherder) June 4, 2022
“Don’t mint through ANY other website,” the announcement said after linking to the website the hacker used to steal the NFTs. “This is the only official site!” According to the blockchain security firm , a BAYC and two Mutant Apes tokens were stolen in the scam. At the current Ethereum exchange rate, the entire 32 NFT treasure is worth approximately $256,000.
We reached out to Yuga Labs for comment. The company has yet to issue an official statement on the incident – although it was quick to shut down the Bored Apes Discord following the scam. The server, alongside a handful of others tied to high-profile NFT projects, was too chopped In early April, when a bad actor compromised the CAPTCHA bot Yuga Labs uses to discourage spammers.
This article was previously published on Source link