Discord server of major NFT community turned out to be hacked via BOT

Bored Ape Yacht Club (BAYC) , a collection community that provides monkey icons with non-fungible tokens (NFT), hacked BAYC's official Discord server on April 1, 2022, and maliciously aimed at phishing attacks . Announced that a link has been posted. It has also been found that similar links have been posted on Discord servers in other NFT communities.

BAYC Says Discord Briefly Compromised, Tells Users to Avoid Discord for Minting APE NFTs

Bored Ape Yacht Club, Other Major NFT Project Discords Hacked by Scammers

According to security researcher Serpent , BAYC's Discord server has a link prompting them to 'create an April Fool's Day limited NFT.' Clicking on this link could lead to malicious scripts that steal users' NFTs and wallet information, Serpent said.

There are already reports that BAYC's NFTs and virtual currencies have been stolen, and it has been confirmed that about 20 ETH of Ethereum has moved from the damaged wallet.

Serpent claims that a phishing attack was carried out by hacking the Discord BOT ' Ticket Tool ' that manages push notifications and inquiry response. The official Twitter account for Ticket Tool, on the other hand, said, 'A recent update to the add command had a bug that allowed some kind of permission abuse. I'm going to find out exactly what happened. The BOT itself has some very disappointing bugs, but it's not at risk. '

BAYC's official Twitter account said, 'Be careful. Do not create or publish a new NFT from Discord now. Our Discord webhook was temporarily compromised. We immediately grasped the situation. However, please note that we do not create or distribute NFTs as April Fool's Day. Other Discords are also under attack. '

In addition, posting of phishing attack messages was confirmed on the Discord channel of the NFT community that also uses the Ticket Tool, such as Doodles, Shamanzs, and Nyoki.

As a result, the price of BAYC's cryptocurrency ' ApeCoin ' fell 8.3% in 24 hours.

in Software,   Web Service, Posted by log1i_yk