The BAYC team discovered a minor compromise of a ticket tool on Discord in the early Asian hours of Friday. Additionally, it impacted other NFT initiatives.
The official channel of the Bored Apes Yacht Club (BAYC) on the popular chat service Discord has been compromised by a malicious application designed to deceive users into minting bogus non-fungible tokens (NFTs) from the popular Bored Apes collection, the firm announced in a tweet on Friday.
“At this time, do not mint anything from any Discord channel. BAYC reported via a tweet that “a webhook in our Discord was momentarily hijacked.” “We promptly corrected it, however please be aware that we will not be conducting any April Fools stealth mints/airdrops, etc.”
According to security researchers, a ticketing service that verifies users and distributes channel-wide notices was hacked. By clicking on the fraudulent links that encouraged users to mint a limited edition NFT, researchers said, users may access an unlawful script that could steal their NFTs and other wallet information.
Several more NFT-centric Discord servers, including Doodles, Shamanzs, and Nyoki, all of which use the same technology, reported pseudonymous blockchain researcher ‘zachxbt’.
Shamanzs Discord hacked too.
— zachxbt (@zachxbt) April 1, 2022
At the time of writing, BAYC’s Discord channel was locked to new members. Thus far, only one NFT from BAYC’s Mutant Ape collection has been taken.
Disclaimer: These are the writer’s opinions and should not be considered investment advice. Readers should do their own research.