Another day, another stolen ape, and the Bored Ape Yacht Club Discord hacked again. In the wee hours of the morning on June 4th, an attacker was able to compromise mod accounts and bots in the BAYC and Otherside Discord servers, and posted a malicious giveaway link. Victims thinking they would receive a giveaway approved the attacker to transfer their NFTs, resulting in 180+ ETH of losses.
There has been no communication yet from Yuga Labs or the Otherside team about the hack, either as a warning, or a postmortem. Users should assume the Discords are still compromised until otherwise notified by the teams. If you’re in those servers – do not click any links, do not open any files, and do not accept any DMs!
There is a recurring pattern of Yuga Labs social media accounts being compromised (like their Instagram), with disastrous results for their community. Holders should demand accountability for these failures. This many incidents points to a systemic issue with security within Yuga Labs.
As of now, the attacker seems to have finished his crime spree, and cashed out the NFTs. Ether from the attack wallet has been transferred to a named account, federalinformant.eth, who also funded the attacker initially. Funding an attack from a public wallet is quite a brazen move, and may place him at risk of discovery.
The attacker tricked users into signing token approvals, which grant the attacker's address permission to transfer the victim's NFTs. Some users had NFTs from multiple collections stolen, which suggests they signed several separate approval transactions (an approval is scoped to one collection). This attack did not just target BAYC/MAYC assets, but anything valuable that wasn’t nailed down.
One user, rickshah.eth, signed 18 different malicious approval transactions! That’s gotta be a record somewhere.
Do YOU know what to do if you are tricked into signing a malicious approval?
If you don’t know immediately, off the top of your head, you need to go read and bookmark this post: What To Do If You Fall Victim To a Crypto Scam. I’ve written a comprehensive guide to responding to the most common scam scenarios, so you know exactly what your options are to respond.
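To make concrete what "signing a malicious approval" means and why the first response is to revoke it, here is an added example (not code from the original post) that models the ERC-721 approval rule the scam relies on: an operator approved via setApprovalForAll(operator, true) can move every token the owner holds in that collection, and revoking it with setApprovalForAll(operator, false) stops further transfers but does not return anything already taken. It also builds and decodes the raw calldata for that call so you can recognise it in a wallet prompt. The selector a22cb465 is the real one for setApprovalForAll(address,bool); every address is a constructed placeholder, and the contract model is a simplified stand-in, not a real chain.

```python
# Added example, not code from the original post. Models the ERC-721
# approval semantics the scam relies on and shows what the approval and
# revocation transactions look like. All addresses are constructed.

SET_APPROVAL_FOR_ALL = bytes.fromhex("a22cb465")  # keccak256("setApprovalForAll(address,bool)")[:4]

VICTIM = "0x" + "11" * 20         # constructed placeholder
OPERATOR = "0x" + "bad0" * 10     # constructed: attacker-controlled operator address
LOOT_WALLET = "0x" + "22" * 20    # constructed: destination of stolen tokens


class ERC721Approvals:
    """Minimal ERC-721 ownership/approval state: an operator approved via
    setApprovalForAll may move ANY token the owner holds in this collection."""

    def __init__(self, owners):
        self.owners = dict(owners)   # token_id -> owner address
        self.operators = {}          # (owner, operator) -> approved?

    def set_approval_for_all(self, owner, operator, approved):
        self.operators[(owner, operator)] = approved

    def is_approved_for_all(self, owner, operator):
        return self.operators.get((owner, operator), False)

    def transfer_from(self, caller, src, dst, token_id):
        owner = self.owners[token_id]
        if owner != src:
            raise PermissionError("src does not own token")
        if caller != owner and not self.is_approved_for_all(owner, caller):
            raise PermissionError("caller not approved")
        self.owners[token_id] = dst


def encode_set_approval_for_all(operator, approved):
    """ABI-encode setApprovalForAll(operator, approved): 4-byte selector,
    address left-padded to 32 bytes, bool as a 32-byte word."""
    addr_word = bytes.fromhex(operator[2:]).rjust(32, b"\x00")
    bool_word = int(approved).to_bytes(32, "big")
    return "0x" + (SET_APPROVAL_FOR_ALL + addr_word + bool_word).hex()


def decode_calldata(calldata):
    """Recognise a setApprovalForAll call before signing it. Returns
    (operator, approved) or None if it is some other function."""
    raw = bytes.fromhex(calldata[2:])
    if raw[:4] != SET_APPROVAL_FOR_ALL or len(raw) != 4 + 64:
        return None
    operator = "0x" + raw[16:36].hex()          # last 20 bytes of the address word
    approved = int.from_bytes(raw[36:68], "big") == 1
    return operator, approved


def simulate_scam():
    """Victim signs the 'giveaway' approval, loses one token, revokes, and the
    next transfer attempt fails. Returns (stolen_ids, blocked, owners)."""
    c = ERC721Approvals({1: VICTIM, 2: VICTIM})
    # The 'giveaway' transaction is really setApprovalForAll(operator, true)
    op, approved = decode_calldata(encode_set_approval_for_all(OPERATOR, True))
    c.set_approval_for_all(VICTIM, op, approved)
    c.transfer_from(OPERATOR, VICTIM, LOOT_WALLET, 1)      # succeeds: operator is approved
    # Victim revokes with setApprovalForAll(operator, false)
    op, approved = decode_calldata(encode_set_approval_for_all(OPERATOR, False))
    c.set_approval_for_all(VICTIM, op, approved)
    try:
        c.transfer_from(OPERATOR, VICTIM, LOOT_WALLET, 2)
        blocked = False
    except PermissionError:
        blocked = True                                     # revocation stops further transfers
    stolen = [tid for tid, owner in c.owners.items() if owner == LOOT_WALLET]
    return stolen, blocked, dict(c.owners)


if __name__ == "__main__":
    print(simulate_scam())
    print(encode_set_approval_for_all(OPERATOR, False))
```

The two things to take from the run: token 1 stays in the loot wallet after revocation, so revoking is damage control, not recovery; and the revocation calldata differs from the approval calldata only in the final word (1 becomes 0), which is why a wallet prompt that shows a bare hex blob deserves decoding before you sign it.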
Stay safe out there anon. Remember, if it seems too good to be true – it is! Don’t click links.
I’ll update this post as more information comes in.