200 ETH Stolen in Yuga Labs Discord Hack

Yuga Labs, the company behind the ‘blue chip’ Bored Ape Yacht Club (BAYC) NFT collection, has confirmed that its Discord servers were “briefly exploited” leading to the loss of NFTs valued at over 200 ETH (US$357,000):

BAYC on the Back Foot

The news broke when Twitter user OKHotshot posted screenshots showing that a project community manager’s Discord account appeared to have been hacked, resulting in scammers being able to carry out a phishing attack:

As confusion reigned all over Twitter, it took the BAYC team 11 hours to acknowledge the exploit, adding in its thread that:

Subsequently, Yuga Labs’ co-founder Gordon Goner tweeted that “Discord isn’t working for Web3 communities. We need a better platform that puts security first.” Most didn’t take kindly to the lack of responsibility exhibited by the BAYC team, with one indignant user saying:

you didn’t lose your NFT because you used Discord. you lost your NFT because you signed a malicious transaction with your key. stop blaming Discord, another client won’t save you from repeating the same mistakes.

@stevefink via Twitter

The Wrong Kinds of Headlines

BAYC has been in the news a fair bit of late, albeit for the wrong reasons. Aside from its floor price dropping by over 50 percent in the past six months, this latest exploit is unfortunately not the first.

In April this year, BAYC’s Instagram account was compromised, resulting in US$2.8 million worth of NFTs being stolen. And in the following month, it committed what could only be described as a “minting fail” where over US$157 million in ETH was burned as part of the launch of its “Otherside” metaverse.