According to a report by Colin Wu, the Bored Ape Yacht Club's Discord account was compromised, with some users' funds stolen and already realized on the market. At least one NFT was stolen, according to EtherScan.
Right after the exposure of the biggest NFT collection in the industry, Doodles' official discord account was also compromised. It is not yet clear if hackers stole any NFTs from the collection.
STAY SAFE. Do not mint anything from any Discord right now. A webhook in our Discord was briefly compromised. We caught it immediately but please know: we are not doing any April Fools stealth mints / airdrops etc. Other Discords are also being attacked right now.
— Bored Ape Yacht Club (@BoredApeYC) April 1, 2022Peter Brandt Issues $250K Bitcoin Price Prediction, Dogecoin Founder Calls Out Market Manipulation, Ripple Wins Major License Boost – Crypto News DigestBinance Founder CZ Predicts 'Many ATHs' as Bitcoin Price Suddenly Goes ParabolicMorning Crypto Report: $1.69 Trillion Franklin Templeton Boosts XRP and Cardano (ADA), "$1 Million BTC" Advocate Samson Mow Backs Michael Saylor, When to Buy Bitcoin? Jim Cramer Teases OutlookSatoshi-Era Bitcoin Wallet Awakens After 15 Years
The official Twitter account of Bored Ape Yacht Club, with almost 1 million followers, has also released a warning for its users, asking them not to mint anything from the official Discord channel.
Not funny April Fools' joke
Obviously, the date of the exploit chosen by the hackers was not random. Often, crypto and non-crypto projects do various events to incentivize their communities and distribute prizes. That is why hackers exploited users' trust and made the exploit look like an April Fools' joke.
In their warning tweet, BAYC told followers and NFT holders that it is not an AirDrop nor an April Fools' joke or event. The project also said that other NFT collections are currently being attacked, and users should not use any link they see in NFT-related Discord channels as they may lead to phishing websites.
At press time, at least nine transactions related to "Fake Phishing5519" are registered at Etherscan, which may suggest that the hacker stole more pieces from the collection than only one MutantApeYachtClub #8662. The value of the address is currently at $65,000.
Unfortunately, it is not the first hack or phishing attack on the NFT community, collection or even marketplace. Earlier in the year, the biggest NFT trading platform, OpenSea, suffered a series of hacks, phishing attacks and exploits, which led to massive losses for users.
Dan Burgin
Vladislav Sopov
U.Today Editorial Team