Yuga Labs, the creator of two of the most popular ape-themed nonfungible token (NFT) offerings — Bored Ape Yacht Club (BAYC) and OtherSide — witnessed yet another orchestrated phishing attack with investors losing over 145 Ether (ETH) or nearly $260,000 at the time of writing.
OKHotshot, a blockchain detective and a member of the Crypto Twitter community, alerted crypto investors about the compromise of two official Discord groups linked to BAYC and OtherSide NFTs.
BAYC & OtherSide discords got compromised‼️Seems because Community Manager @BorisVagner got his account breached, which let the scammers execute their phishing attack. Over 145E in was stolen Proper permissions could prevent this pic.twitter.com/lCl2DfZQ0W
According to OKHotshot’s investigations, the attack was conducted by hacking into the Discord account of Boris Vagner, community and social manager for Yuga Labs.
After gaining unrestricted access to the employee’s account, scammers shared various phishing links from Vagner’s Discord account into the official BAYC, Mutant Ape Yacht Club (MAYC) and Otherside groups.
Many users in the Discord groups, unwary about the ongoing scam, fell for the phishing messages that promised limited-quantity giveaways made available for existing NFT holders — as evidenced by the above screenshot.
Concluding the investigation, OKHotshot revealed the wallets that held and transferred the recently compromised NFTs, making the second time BAYC fell victim to an attack in two weeks.
Yuga Labs has not yet responded to Cointelegraph’s request for comment.
Related: NFT owners reminded to be vigilant after 29 Moonbirds were stolen by clicking a bad link
On May 25, a Proof Collective member lost 29 high-valued Ethereum-based Moonbirds NFTs
Read more on cointelegraph.com