In yet another breach, members of the Bored Ape Yacht Club and the OtherSide community became victims of a phishing attack. Firstly, they targeted a BAYC Community manager, which led to scammers executing a phishing attack. Allegedly, the hackers then used the staff member’s account to compromise the BAYC Discord servers.
How did hackers scam the Bored Ape Yacht Club NFT memebership club?
In short, the scam led users to a fake website under the premise of a giveaway exclusive to BAYC, MAYC, and OtherSide holders. Unfortunately, the link was malicious, causing those unfortunate enough to use it to lose their assets. This latest attack comes only two months after BAYC suffered a massive loss through an Instagram hack on their official account. With their star-status, the BAYC community now struggle with incessant scammers.
Who fell for it? -How much did the hackers get away with?
The hackers got away with 32 NFTs in total. While that may not sound like much, total value of grifted NFTs amounted to 145 ETH . To explain, these included 1 BAYC, 2 MAYC, 5 Otherdeeds, and 1 BAKC.
For the majority, scammers win by the simple lack of awareness shown by holders. Almost every day, you hear about someone losing thousands of dollars cause they “fat-fingered” a transaction. In short, it is all too easy to overlook small details.
However, when hacks occur due to the lack of security set in place by an individual overseeing one of the world’s largest NFT collections, one might question precisely what is “safe” when security exits the room the moment a manager’s account is compromised.
The Future of NFT Project Security
As Discord remains the go-to for an NFT “community'” to build, it also invites a swarm of security risks. While mistakes happen, the BAYC community can’t seem to shake the constant Discord scams.
BAYC remains one of the most profitable collections while hosting the greatest land sale to date. However, as the collection continues to grow through its various avenues, it seems their security needs a massive upgrade.