The Bored Ape Yacht Club (BAYC) Discord server was hacked last weekend 200 ETH ($360,000) worth of NFTs stolen.
“Our Discord servers were briefly exploited today. The team caught and addressed it quickly”, the official BAYC account tweeted on 4 June.
“As a reminder, we do not offer surprise mints or giveaways”, it wrote in a follow up.
As a reminder, we do not offer surprise mints or giveaways.
— Bored Ape Yacht Club (@BoredApeYC) June 4, 2022
According to data from blockchain security firm PeckShield, one BAYC and two Mutant Apes tokens were stolen in the scam.
The scam was conducted via the alleged hack of Yuga Labs community manager Boris Vagner’s Discord account. Once in control of the account, the hackers claimed that the group was offering an exclusive giveaway with a link to a phishing site.
Once users visited the site and attempted to mint the NFT, it is likely that their cryptocurrency was stolen.
Around 32 NFTs were stolen, including those from the Bored Ape Yacht Club, Otherdeed, Bored App Kennel Club, and Mutant Ape Yacht Club projects, blockchain cybersecurity firm PeckShield.
— PeckShieldAlert (@PeckShieldAlert) June 4, 2022
"Hey @everyone we were hacked an hour ago hopefully no one clicked any links,” Richard Vagner said in a Discord message at 09:00 UTC, according to Fortune.
“We’ve got back control of the discord and Boris’s account thank god he didn’t delete the whole server.”
The Independent has reached out to Yuga Labs for comment.
NFTs, and specifically the Bored Ape Yacht Club, has been the target of numerous attacks. Last month, its official Instagram account was compromised. “There is no mint going on today. It looks like BAYC Instagram was hacked. Do not mint anything, click links, or link your wallet to anything,” the group wrote in a tweet.
Blockchain records show that an address thought to belong to the hacker received 134 NFTs within the space of a few hours, according to Motherboard. It is unclear how the account was compromised.