Hackers compromised numerous Discord servers, including that of BAYC. The attackers abused a new update to the Ticket Tool Discord bot to post phishing links across several servers.
The Increasing Number Of Stolen NFTs
Following the attack, the hackers made away with several high-value NFTs. In the early hours of April 1, hackers compromised the Discord servers of BAYC, Doodles, and other major NFT collections, throwing the NFT ecosystem into confusion. The Bored Ape server posted a message at 6:20 UTC notifying users of a new NFT collection titled ‘Mutant Ape Kennel Club’ and included a fake minting link.
Users who did not realize the minting link was fake clicked on it, which allowed the hacker to drain NFTs from their wallets. At almost the same time, the attacker discovered and exploited a loophole in a popular Discord bot that let them post links in official channels without requiring server admin permission.
The fake Discord message. Source: CubedMeta
The attacker also sent a lookalike message to the Doodles Discord server, announcing a new ‘genesis mint’ with a limited supply. However, far fewer users clicked the phishing link on the Doodles server than on the BAYC server.
Otherwise, the hacker would have stolen the NFTs of many more Discord users, as happened with the BAYC users. Fortunately, the BAYC team got wind of the attack quickly and tweeted a warning. Part of the tweet reads: “there was a brief compromise on our discord webhook. We put out this notice immediately after we discovered it. However, note that we aren’t doing any April Fools’ stealth airdrops.”
An Insider Was Involved – DAPE Co-Founder
NFT advocate and DAPE co-founder SerpentAU opined that a compromise of the popular Discord captcha bot led to the server breaches. SerpentAU alleged that insider collaborators gave the hacker inside information. However, BAYC has since confirmed that a Ticket Tool bug enabled the attacker to compromise the servers.
The official Ticket Tool Twitter account responded to SerpentAU’s allegation, stating that it had reversed the upgrade that introduced the bug. A PeckShield security report states that the hacker stole two Doodles NFTs and one NFT each from the Bored Ape and Mutant Ape collections. Multiple data sources confirmed that the attacker had sold all the stolen NFTs.
An Unending Issue
This breach is not the first and will likely not be the last unless urgent measures are taken to address the many cases of compromised Discord servers. Two months ago, a hacker compromised the Doodles Discord server and posted phishing links through which many users lost their Doodles NFTs.
Nevertheless, Discord is not the only platform where users have lost NFTs to hackers. OpenSea users were also targeted by a phishing email scam, losing more than $4m worth of NFTs, including pieces from the BAYC and Azuki collections.