Bored Ape Yacht Club Discord Channel Compromised

  • Bored Ape Yacht Club, Doodles, Shamanzs, and Nyoki Discord channels have all been compromised by a hacker, who attempted to use phishing links to steal NFTs.
  • Security researchers have noted that the attacker most likely used a Discord ticket tool to gain access to the NFT-focused channels.


The official Discord channel of Bored Ape Yacht Club (BAYC), the largest non-fungible token (NFT) collection by market cap, was compromised earlier today, the team behind the project said on Twitter on 1 April.

According to the announcement, an unknown hacker was able to gain access to BAYC’s official Discord channel — which has members from Bored Ape Yacht Club, Mutant Ape Yacht Club, and Mutant Ape Kennel Club — and post a phishing link disguised as a “stealth NFT mint. While BAYC’s team noticed the issue immediately, security firm PeckShield noted the hacker was able to steal Mutant Ape Yacht Club #8662 from one user.

Users from other NFT-focused Discord servers — such as Doodles, Shamanzs, and Nyoki — have also reported seeing a similar phishing messages. Security researcher Serpent noted on Twitter that the attacks may have been carried out via Ticket Tool, a Discord bot that automatically generates support tickets. The researcher also noted that clicking on the phishing link would result in an illicit script stealing user’s NFTs and wallet information.

This is not the first time malicious actors have used Discord to steal from NFT collectors through phishing links. Last month, newly launched NFT collection Rare Bears revealed its members had fallen victim to a similar incident, and had lost a total of 179 NFTs and other assets with a combined value of around $800,000.

Related Coverage
Trezor Warns Users of Newsletter Phishing Attack
  • Trezor users reported on Saturday they had received phishing e-mails from individuals that tried to lure them into downloading malicious code.
  • On Sunday Trezor confirmed that Mailchimp had its services compromised by an “insider targeting crypto companies”, and that the phishing domain had been taken down.
April 4, 2022, 10:04 AM


OpenSea Phishing Attack Affected 17 Users
  • The incident, which affected 17 users on OpenSea, is considered to be a phishing attack as all malicious orders had a valid signatures from the affected users.
  • The CTO of OpenSea also explained the attack had nothing to do with OpenSea’s smart contract upgrade, which began on Friday, as the orders were signed before the migration.
Liquid Exchange Suffered $80M Hack
  • Liquid has now paused deposists and withdrawals, and has started moving its assets into cold storage, as the attacker was able to gain access to their hot wallets.
  • While the exchange is yet to announced the extent of the breach, on-chain data shows that around $80 million worth of tokens has been moved to wallets associated with the hacker.