Web2 applications such as Discord have again been shown to be the weak link in the arsenal of blockchain projects. Over 175 ETH has been drained from investorsā accounts after the Bored Ape Yacht club Discord server was breached. @BorisVagner, who was only promoted to Social Media for Yuga Labs in January 2022, had his Discord account breached. The attacker was then able to post phishing links via BorisVagnerās official account on the Yuga Labs Discord server.

The link has been redacted to protect readers from visiting the phishing site. BAYC finally released a statement 9 hours after it was first reported stating,
āOur Discord servers were briefly exploited today. The team caught and addressed it quickly. About 200 ETH worth of NFTs appear to have been impacted. We are still investigating, but if you were impacted, email us at [emailĀ protected]ā
The statement reported that the team āaddressed it quicklyā and confirmed the total value lost by members as 200 ETH. At todayās value that is $354k gone in almost no time at all. The lack of urgency in reporting the matter to its community and the brevity of the announcement suggests an element of complacency by Yuga Labs.
Community Manager account compromised.
According to Peckshield, ā32 NFTs were stolen, including 1 #BAYC, 2 #MAYC, 5 #Otherdeed, 1 #BAKCā The breach was reported initially by OKHotshot, who tweeted,…
