The Bored Ape Yacht Club (BAYC) Discord server has suffered another hack. This is the second time the NFT collection is hacked in the space of two months.
The malicious entity gained access to the Discord server by compromising and gaining control of the Community manager Boris Vagner’s account. Following this, the attacker posted the link to a phishing site through which he made away with the victims’ digital assets.
The news of the attack was first reported by @NFTherder an on-chain analyst and NFT audit and Discord security expert. He announced in the tweet that:
“BAYC & OtherSide discords got compromised. Seems because Community Manager @BorisVagner got his account breached, which let the scammers execute their phishing attack. Over 145E in was stolen Proper permissions could prevent this”.
The extent of the BAYC hack
The tweet also showed that the attacker posted a phishing site using the community manager’s account. As of the time of the tweet over 145ETH had been siphoned from victims to four different wallets.
Yuga Labs were not quick to comment about the attack. Their statement came about 11 hours after the initial announcement by NFTherder stating that:
“Our Discord servers were briefly exploited today. The team caught and addressed it quickly. About 200 ETH worth of NFTs appears to have been impacted. We are still investigating, but if you were impacted, email us at firstname.lastname@example.org”.
In the tweet, Yuga labs also clarified the figure to be about 200ETH ($360,000) worth of NFTs. Furthermore, Blockchain security firm Peckshield analyzed the attack. And their data shows that 32 NFTs were lost to the attacker. Top among the stolen NFTs were 1 Bored Ape, 2 Mutant apes, 5 Otherdeeds among others. These figures were also corroborated by another blockchain security outfit CertiK.
Same old Enemy?
In an amazing turn of events, another on-chain analyst @Zachxbt who previously analyzed the hackers MO in the past. Believes that the same group was responsible for both attacks on the BAYC Discord. He also claimed that the attackers sent him $60 worth of ETH.
The recent attack is not the first time that Yuga labs is suffering an attack probably by probably the same group, going by @zachxbt’s analysis. In April, the BAYC Instagram and Discord server were hacked and the lost was in the tune of 765.3Eth and 97 NFTs.
Following the previous hack victims were advised to contact the team. A directive which was also repeated in this case but it is still unknown if any victims has been compensated.
Market Reaction to the BAYC hack
According to data from CryptoSlam the floor price of BAYC rose in the face of the attack but total sales volume dropped after the attack. Despite this BAYC, MAYC and Otherdeeds still maintained the top 5 position among NFT collections in terms of sales volume.
Going forward, NFTherder advised for security and vigilance because the breaches will be around for a while. Yuga labs also warned holders and members of the community that it would not announce any surprise mint.