A number of top NFT outfits have been the target of a barrage of recent cyberattacks, where hackers took over the channels' bots to make use of phishing tactics, in order to convince users to mint fake NFTs.
STAY SAFE. Do not mint anything from any Discord right now. A webhook in our Discord was briefly compromised. We caught it immediately but please know: we are not doing any April Fools stealth mints / airdrops etc. Other Discords are also being attacked right now.April 1, 2022
Bored Ape Yacht Club (BAYC), Nyoki, and Shamanz have all tweeted about the incident, confirming their Discords were hit, and blockchain investigator Zachxbt posted screenshots as proof that both the Doodles and Kaiju Kingz NFT projects have also been targeted.
Vice reports that the tactics used included tricking people into clicking a link, so they could mint a non-existent NFT. The hackers came in asking for ethereum, or an NFT wrapped into a token and appear to have been successful in a few instances.
“Oh no, our dogs are mutating," one hacked bot announced. «MAKC can be staked for our $APE token. Holders of MAYC + BAYC will be able to claim exclusive rewards just by simply minting and holding our mutant dogs.» Alas, there were no mutant dog NFTs to be found, only pain and suffering.
The attempts have been traced back to a couple of cryptocurrency wallets now, on Etherscan—a blockchain explorer that can warn you of potential scams—these are labeled Fake_Phishing5519 and Fake_Phishing5520.
Among the swag, a Yuga Labs BAYC spinoff NFT was sold for 20 ethereum (~$69,000), the majority of which was swiftly transferred from the 5519 wallet, to the one marked 5520. 61 ETH ($211,000) then went through Tornado Cash, a site that essentially «improves
Read more on pcgamer.com