According to a report by Colin Wu, the Discord account of Bored Ape Yacht Club was compromised, some users’ funds were stolen and already hit the market. According to Etherscan, at least one NFT was stolen.
The official Discord account for Doodles was also compromised, just after the biggest NFT collection in the industry was showcased. It is not yet clear whether the hackers stole any NFTs from the collection.
Be safe Don’t get out of any kind of discord right now. A webhook in our Discord was compromised for a while. We caught it immediately but please know: We are not doing any April Fools Stealth Mint/Airdrops etc. Other Discords are also under attack right now.
— Bored Ape Yacht Club (@BoredApeYC) 1 April 2022
The official Twitter account of Bored Ape Yacht Club, with nearly 1 million followers, has also issued a warning to its users, asking them not to remove anything from the official Discord channel.
It’s not funny April Fool’s joke
Obviously, the date of the exploit chosen by the hackers was not random. Often, crypto and non-crypto projects organize various events to encourage their communities and distribute rewards. That’s why the hackers took advantage of the trust of the users and made this exploit like an April Fool’s joke.
In its warning tweet, BAYC told followers and NFT holders that this is neither AirDrop nor an April Fool’s joke or incident. The project also stated that other NFT collections are currently under attack, and that users should not use any links that appear in Discord channels related to NFTs as they may lead to phishing websites.
At press time, at least nine transactions related to “fake phishing5519” are registered on Etherscan, which could suggest that hackers stole more pieces than just one MutantApeYachtClub #8662 from the archive. The address is currently valued at $65,000.
Unfortunately, this is not the first hack or phishing attack on the NFT community, archive or even the market. At the beginning of the year, OpenC, the largest NFT trading platform, suffered a series of hacks, phishing attacks, and exploits, causing massive losses to users.