In another breach, members of the Bored Ape Yacht Club and the OtherSide community fell victim to a phishing attack based on compromised Discord servers. Earlier today a community manager for BAYC @BorisVagner had his account choppedresulting in scammers running a phishing attack.
BAYC servers experience another hack
The scam impersonated Vagner and led users to a fake website on the premise of a giveaway exclusive to BAYC, MAYC, and OtherSide holders. Unfortunately, the link was malicious and unknown to the owners; The link caused those unfortunate enough to use it to lose their fortune. The total value of stolen tokens was 145 ETH (32 NFTs). These included 1 BAYC, 2 MAYC, 5 Otherdeeds and 1 BAKC.
This latest attack comes just two months after BAYC suffered a massive loss from an Instagram hack on their official account. Arguably the most coveted NFT collection to date, the BAYC community has gorged itself amid scammers. For the majority, scammers win from the simple lack of awareness on the part of the holders. Almost every day you hear about someone who has lost thousands of dollars because they “gambled their fingers” on a transaction or thought they had the right connection and forked their fortune.
However, when it comes to hacks due to a lack of security set up by a person who oversees one of the world’s largest collections of NFTs, one might wonder what exactly is “secure” when security leaves the room once one’s account manager is compromised. As Discord remains the go-to place for building an NFT “community,” it also invites a swarm of vulnerabilities. While mistakes do happen, this isn’t the first time the BAYC community has suffered from fraud within Discord.
BAYC remains one of the most profitable collections while hosting its largest land sale to date. However, as the collection continues to grow through its various avenues, security needs to be massively improved. It might be time for the BAYC community to move permanently from Discord to their own platform.