Skip to content

BAYC, Nyoki, Shamanz and other NFT projects suffer Discord hack

  • by
  • 2 min read

Multiple major NFT projects, including the Bored Ape Yacht Club, Nyoki and Shamanz, all had their Discord servers hacked early Friday morning by scammers trying to trick users into handing over their NFTs. 

The three clubs confirmed that their Discord servers were hacked in tweets. Independent blockchain investigator Zachxbt shared screenshots indicating that Doodles and Kaiju Kingz’s Discord servers were also targeted. 

The main objective of the hack was to get users to link on a link to mint a fake NFT by sending ETH or, in some cases, an NFT to wrap into a token. 

In the News: Elon Musk takes 9.2% stake in Twitter, Jack Dorsey owns 2.25%

Not the first attack, and it might not be the last

The BAYC Twitter account sent out a warning asking people not to mint anything from their Discord at the moment, stating that a webhook on their Discord server was “briefly compromised”. Nyoki Club also tweeted about the hack, saying that the attackers were able to send a fake mint website as an announcement by using one founder’s access tokens. They further added that any losses would be covered.

So far, two wallet addresses have been tied to the hacks labelled as Fake_Phishing5519 and Fake_Phishing5520 on Etherscan, a blockchain exploring platform. At least one Mutant Ape Yacht Club NFT was stolen and sold off by the 5519 wallets, sending 19.85 ETH to the 5520 wallets. 

The 5520 wallets, in return, sent 61 ETH to Tornado Cash, a mixing service that improves transaction privacy by breaking the on-chain link between source and destination addresses. The last transaction from this wallet is a transfer of 0.6 ETH to a previously inactive wallet that then forwarded that amount to another active wallet currently holding 1,447 ETH, six million Tether coins and several other tokens. 

In the News: Samsung Galaxy M33 5G unveiled in India: Price, release date and specs

Yadullah Abidi

Yadullah Abidi

Yadullah is a Computer Science graduate who writes/edits/shoots/codes all things cybersecurity, gaming, and tech hardware. When he's not, he streams himself racing virtual cars. He's been writing and reporting on tech and cybersecurity with websites like Candid.Technology and MakeUseOf since 2018. You can contact him here: yadullahabidi@pm.me.

>