Yuga Labs, the developer of the popular ape-themed NFTs known collectively as the Bored Ape Yacht Club (BAYC), has once again made headlines after threat actors gained access to one of their official Discord servers.
According to an investigation led by NFT analyst and blockchain detective OKHotshot, scammers hacked into the Discord account of the BAYC’s community and social media manager and conducted a phishing attack on unwary investors.
The scam posted on June 4, claimed to be an exclusive BAYC and Otherside giveaway for existing NFT holders which allowed them to mint free nonfungible tokens.
“We have some exciting news to share to all of you especially all of our BAYC, MAYC, AND Otherside Holders,” the phony message read.
“We are releasing ANOTHER exclusive giveaway to all of our holders listed above! Please note that there’s only a limited quantity, if you are a holder and you were too slow to get one and unfortunately did pay a high gas fee, we proceed for the next coming days. (Just be patient!)” the scam message concludes.
Visitors who accessed the phishing link embedded in the Discord post were in for an unpleasant surprise. According to user reports, the attackers stole over 145 Ethereum or about USD 250,000.
A similar incident was reported in April, when attackers took over BAYC’s official Instagram account, swindling investors out of USD 3 million worth of NFTs.
The extent of the phishing attack is not yet known. However, BAYC says that about 200 ETH worth of NFTs was stolen.
“Our Discord servers were briefly exploited today,” the BAYC tweeted. “The team caught and addressed it quickly. About 200 ETH worth of NFTs appear to have been impacted. We are still investigating, but if you were impacted, email us at [email protected].”
The NFT developers also reminded investors that they do not offer surprise mints or giveaways.
Digital miscreants often piggyback on the popularity of cryptocurrency and other virtual assets to scam unwary investors. As a rule of thumb, always investigate giveaway messages posted on social media platforms, even if they appear to come from an official source, and use a security solution to block phishing links before they can harm you financially.
Check out Bitdefender Premium Security for peace of mind when surfing the web and interacting with your favorite platforms. You get award-winning detection to stop and prevent sophisticated cyber threats and advanced anti-phishing protection alongside a state-of-the-art Password Manager and unlimited VPN traffic.