The Discord servers of popular NFT projects, including the Bored Ape Yacht Club, were targeted by scammers in the early hours of April Fools'. Some users reported losing money to the bad actors who hacked the projects' bots to post fake offers with links to their phishing websites, Motherboard reports. One of the phishing posts by a compromised Bored Ape bot read: "Oh no, our dogs are mutating. MAKC can be staked for our $APE token. Holders of MAYC + BAYC will be able to claim exclusive rewards just by simply minting and holding our mutant dogs."
BAYC Discord has been hacked & so far 1 MAYC has been stolen.
Funds are being directed here:https://t.co/Mrvec92UEVpic.twitter.com/OPyvPvM6pM
— zachxbt (@zachxbt) April 1, 2022
If a user clicks on the link in the post, they're taken to a website where they're tricked into minting a fake NFT in exchange for Ethereum. Other versions trick victims into sending the scammers NFTs by making them think their collectible was going to be wrapped. Two wallet addresses were tied to the hacks, one of which sold a stolen Mutant Ape Yacht Club NFT and then sent the other 19.85 ETH, or around $69,000 based on current exchange rates. The recipient wallet reportedly sent 61 ETH ($213,000) to a mixing service, which can obscure the origin and trail of potentially identifiable crypto coins.
It's unclear how many people fell victim to the scams, but the projects' administrators quickly caught on and posted a warning to their fans. Bored Ape asked users not to mint anything from its Discord and clarified that it wasn't doing "any April Fools stealth mints." Nyoki Cub posted a similar warning and admitted that its "server was also compromised… due to a recent large-scale hack." It said it was able to take control of the situation within 30 minutes.
NFTs are making their way into mainstream popularity, with big-name celebs such as Justin Bieber and Madonna putting the spotlight on the digital collectibles. Schemes such as these are bound to become more as long as people keep pouring money into non-fungible tokens.