Despite the wealth of benefits that come with NFTs, there are a few downsides that the industry has to deal with. One of these is constantly being the target of attacks from hackers and thieves.
This is to be expected to an extent. Any asset that is valuable will be targeted by criminals and given how profitable NFTs have gotten in the last few years, some targeting was inevitable. Unfortunately, even the most secure platforms and institutions in the blockchain industry suffer some hiccups.
One of the recent of these was the Bored Ape Yacht Club which confirmed an attack on its Discord servers on April 2, 2022.
The Ape Club Under Attack
As confirmed by the Bored Ape Yacht Club’s official Twitter account, its Discord channel was targeted in a phishing scheme. Unfortunately, the scheme was able to gain access to the channel and then tried to trick users into minting fake NFTs.
After confirming the attack, the Ape Club warned users not to mint any NFTs from the channel. The club also noted that no April Fools’ promotion was ongoing, contrary to rumours spread by the attackers.
“Do not mint anything from any Discord right now. A webhook in our Discord was briefly compromised,” the tweets said, “We caught it immediately but please know: we are not doing any April Fools stealth mints/airdrops etc. Other Discords are also being attacked right now.”
As the tweet explained, this attack appears to have been a coordinated effort on several top NFT collections. Reportedly, Doodles, Shamanzs, and Nyoki, popular collections, also suffered similar attacks.
How the attack took place was that the ticket confirmation system, which is used to send messages to people within the channel, was compromised. The attackers then sent out a malicious link, asking users to click on it to mint an NFT.
If the user did click on the link thinking they could mint an NFT, their account could be compromised and their digital assets stolen. So far, at least one NFT has been reported to have been stolen, though the Bored Ape Club seems to have gotten the situation under control.
While these sorts of incidents are unfortunate, they are sadly not uncommon. From phishing scams trying to get crypto wallet details to fake giveaways, there are many people trying to steal others’ digital assets.
With NFTs being one of the top digital assets in the world right now, they are an obvious target. This is even more obvious when it comes to collections like the Bored Ape Club. Pieces in collections of that calibre go for hundreds of thousands and even millions of dollars.
If an attacker could steal even one NFT, they could make a huge profit. Fortunately, the management of the Ape Club was able to notice the stop the scheme before any more losses were recorded.
For NFT users, this is yet another reminder to be very cautious about suspicious messages and to safeguard their NFTs.