Yuga Labs projects are the latest victims of Discord hacks after hackers got access to Bored Apes and Otherside servers.
It appears that the hackers got access to the servers by exploiting the account of the community manager, Boris Vagner. Once they got access, they executed a phishing attack, stealing 145 ETH.
Onchain analyst OKHotshot first broke the news on Twitter, saying that “Proper permissions could prevent this.” Blockchain security firm PeckShield confirmed this hack soon after.
The hackers used the usual approach of a giveaway to lure people into clicking on the phishing link. The post claims it’s an exclusive giveaway for BAYC, MAYC, and Otherside holders. Those who clicked on the link immediately had their wallets compromised.
According to PeckShield, they stole 32 NFTs, including 1 Bored Ape, 2 Mutant Apes, 5 Otherdeeds, and 1 Bored Kennel. Yuga Labs and Bored Apes are yet to release any official statements about the hack.
Not the first time
This isn’t the first time that the Bored Apes Discord server has been hacked, although it appears the recent one is more significant. Less than 2 months ago, hackers breached Bored Apes Discord Server and Instagram page and posted a link about a mint.
At the time, the fake mint was for the upcoming Otherside Meta, which launched later that week. Those who clicked the link lost access to their wallet.
Bored Apes Twitter page was quick to alert users about the hack at the time. OpenSea data showed the transfer of about 24 Bored Apes and 30 Mutant Apes. But it’s possible they didn’t steal all these assets, and some owners just moved their NFTs for security reasons.
Other projects have also experienced similar situations in recent times. A few weeks ago, Axie Infinity claimed there was a compromise of MEE6 Bot on its Discord server. Although the MEE6 team denied this, many other projects made the same claim.
What do you think about this subject? Write to us and tell us!