Update: The stolen Mutant Ape Yacht Club #8662 apparently belonged to the Taiwanese pop superstar Jay Chou, which seems confirmed by himself via a post on Instagram. Chou lost NFTs in the phishing attack at a total value of $550,000, including the aforementioned MAYC, a Bored Ape Yacht Club ape that was gifted to him by famous Taiwanese singer Jeffrey Hwang, aka Machi Big Brother.
Chou also lost two NFTs of the Doodles collection, which seems to confirm that the Doodles Discord server has been compromised as well.
One of the most famous and definitely the largest NFT collection in the world by market value, got their Discord server hacked by an unknown hacker. The hacker gained access to the Discord server that hosts Bored Ape Yacht Club, Mutant Ape Yacht Club and Mutant Ape Kennel Club, all three NFT collections from Yuga Labs.
The team behind the Discord server confirmed the hack in a brief tweet not containing much information or any details of the hack or its modus operandi. According to security company PeckShield, the hacker managed to post phishing links in the Mutant Ape Yacht Club channel.
“We are not doing any April Fools stealth mints”
This link was meant to be seen as a “stealth NFT mint” and one Mutant Ape Yacht Club owner apparently fell prey to the phishing attack and Mutant Ape Yacht Club #8662 was stolen from the user.
#PeckShieldAlert @BoredApeYC Discord compromised, MutantApeYachtClub #8662 has been stolen.https://t.co/bMQrBgxreU
https://mintboredapeyc[.com]/ is #phishing site. Do *NOT* fall prey to it. https://t.co/NLMiIzKsR6 pic.twitter.com/mUlAkImvRY— PeckShieldAlert (@PeckShieldAlert) April 1, 2022
The team behind the BAYC said in a tweet that they had “caught it [the hack] immediately”, though obviously not fast enough to stop any thefts, and warned users not to mint any NFT using a link posted on its Discord. The tweet from the team also reminded users that “we are not doing any April Fools stealth mints/airdrops etc.”
“STAY SAFE. Do not mint anything from any Discord right now. A webhook in our Discord was briefly compromised,” the BAYC team wrote in the tweet. “We caught it immediately but please know: we are not doing any April Fools stealth mints / airdrops etc. Other Discords are also being attacked right now.”
STAY SAFE. Do not mint anything from any Discord right now. A webhook in our Discord was briefly compromised. We caught it immediately but please know: we are not doing any April Fools stealth mints / airdrops etc. Other Discords are also being attacked right now.
— Bored Ape Yacht Club (@BoredApeYC) April 1, 2022
“#PeckShieldAlert @BoredApeYC Discord compromised, MutantApeYachtClub #8662 has been stolen.https://etherscan.io/address/0xad7f0a2427f93bc8fc178a73ae0d2d188682884f…https://mintboredapeyc[.com]/ is #phishing site. Do *NOT* fall prey to it,” security firm PeckShield tweeted, and published the Ethereum address of the hackers.
Doodles’ Discord hacked too?
In response to the announcement from the BAYC team, Piyush Khemka, software engineer at Meta, pointed out that “there is a very sophisticated scam going around right now in the Crypto space.”
“There is a very sophisticated scam going around right now in the Crypto space. Couple of hackers bought some verified accounts & are pretending to be BAYC founders. They are charging 0.33 ETH to mint new digital coins. Stay safe out there people. Crypto is truly the wild west!,” Khemka tweets.
There is a very sophisticated scam going around right now in the Crypto space. Couple of hackers bought some verified accounts & are pretending to be BAYC founders. They are charging 0.33 ETH to mint new digital coins. Stay safe out there people. Crypto is truly the wild west!
— Piyush Khemka (@piy9) March 24, 2022
Also, other users have warned about similar exploits and maybe hacks, on the Doodles’ Discord server, Doodles being another hot and highly valued NFT collection. At press time, the Doodles team has not responded to these alerts.
🚨🚨🚨 DOODLES DISCORD ALSO HACKED. NOT AN APRIL FOOLS JOKE, BE CAREFUL!!! 🚨🚨🚨
— Farokh.eth (🎙, 🎙) (@farokh) April 1, 2022
Credit: Source link