Bored Ape Yacht Club Discord Ticket Tool Hack

From Quadriga Initiative Cryptocurrency Hacks, Scams, and Frauds Repository

Notice: This page is a new case study and some aspects have not been fully researched. Some sections may be incomplete or reflect inaccuracies present in initial sources. Please check the References at the bottom for further information and perform your own additional assessment. Please feel free to contribute by adding any missing information or sources you come across. If you are new here, please read General Tutorial on Wikis or Anatomy of a Case Study for help getting started.

Bored Ape Yacht Club

The Bored Ape Yacht Club Discord channel was successfully breached through the permissions granted to the commonly used Ticket Tool. This allowed the attacker to post an announcement on the channel, letting users know about a new minting opportunity. Once users clicked the link and signed the transaction, this would grant permissions to take their funds. Multiple users report losing NFTs and there have been no reports of recovery.

About Bored Ape Yacht Club

The Bored Ape Yacht Club (BAYC) is a collection of 10,000 unique digital collectibles called Bored Ape NFTs created in April 2021 and residing on the Ethereum blockchain[1][2]. Each Bored Ape serves as a membership card granting access to exclusive benefits, starting with THE BATHROOM, a collaborative graffiti board[1]. The community can unlock future areas and perks through roadmap activations[1][2]. The Bored Ape NFTs were sold at a fixed price of 0.08 ETH without any price tiers or bonding curves[2].

Each Bored Ape is programmatically generated from over 170 possible traits, such as expressions, headwear, and clothing[2]. They are stored as ERC-721 tokens on the Ethereum blockchain and hosted on IPFS[2]. Ownership and commercial usage rights are given to the NFT owners. Buying a Bored Ape grants membership to a growing club with increasing benefits and opportunities[2].

THE BATHROOM is a members-only graffiti board that will become operational after the presale period[2]. Apeholders can contribute by painting a pixel on the canvas every fifteen minutes, creating a collaborative art experiment for the crypto community[2]. Roadmap 'activations' include goals to pay back moms, release Caged Apes as airdrops, launch a YouTube channel, unlock a member-exclusive merchandise store, and initiate a liquidity pool, among others[2].

The Bored Ape Yacht Club community has developed helpful tools like NFTEXP.IO and RARITY.TOOLS, although they are unofficial[2]. The BAYC project was created by a group of friends known as GARGAMEL, GORDON GONER, EMPEROR TOMATO KETCHUP, and NO SASS, who aimed to build something unique and ridiculous with their dope apes[2].

"BAYC was created by four friends who set out to make some dope apes, test our skills, and try to build something (ridiculous). GARGAMEL. STARCRAFT OBSESSED. EATS SMURFS. GORDON GONER. REFORMED LEVERAGE ADDICT. EMPEROR TOMATO KETCHUP. SPENT ALL THEIR MONEY ON FIRST PRESSES AND PET-NAT. NO SASS. HERE FOR THE APES. NOT FOR THE SASS." "A limited NFT collection where the token itself doubles as your membership to a swamp club for apes. The club is open! Ape in with us."

Mutant Ape Kennel Club Launch Announcement

The Bored Ape Yacht Club Discord displayed an announcement about the new Mutant Ape Kennel Club[3].

"Oh no, our dogs are mutation! MAKC can be staked for our $APE token. Holders of MAYC + BAYC will be able to claim exclusive rewards just by simply minting and holding our mutant dogs!"

The Reality

The Discord channel was under a phishing attack, and anyone who connected their wallet to the malicious websites would lose all of their funds.

Vulnerabilities In Ticket Tool

There is some question of how the Ticket Tool software ended up with this modification.

Phishing Attack

The notices on the Discord channel were part of a phishing attack, and did not originate from the Bored Ape Yacht Club team.

What Happened

The Bored Ape Yacht Club Discord channel was breached through the Ticket Tool plug-in, which allowed the attackers to post a fraudulent minting link. Several members of the club clicked on the link and experienced the theft of all their assets.

Key Event Timeline - Bored Ape Yacht Club Discord Ticket Tool Hack
| Date | Event | Description |
|---|---|---|
| March 31st, 2022 10:27:00 PM MDT | ZachXBT Report On Massive Theft | Twitter user ZachXBT reports on the theft of Bored Ape Yacht Club, Mutant Ape Yacht Club, and 2 Doodle NFTs to a different account later labelled as Fake_Phishing5517 on Etherscan[4]. According to his tweet at the time, this is related to a verified Twitter Bored Ape Yacht Club scam, and unrelated to the Discord phishing channel. He provides multiple examples of phishing tweets[5]. TBD can we reconcile whether this is related or not? |
| March 31st, 2022 11:02:00 PM MDT | Bored Ape Yacht Club #3738 Reported Stolen | Twitter user WuBlockchain reports that the Bored Ape Yacht Club #3738 NFT was stolen from Chinese singer Jay Chou through a phishing site[6], referencing an Instagram post. According to his tweet, this appears to be due to a phishing attack on the Doodles NFT Discord[7]. |
| March 31st, 2022 11:19:26 PM MDT | Transaction Sending 0.1 ETH | A blockchain transaction sends 0.1 ETH to the attacker's wallet[8]. TBD - Why was this selected as the time of the case and why was this transaction significant? |
| March 31st, 2022 11:23:45 PM MDT | Mutant Ape Yacht Club #8662 Stolen | The Mutant Ape Yacht Club #8662 NFT is transferred to the attacker's wallet[9]. TBD explore more on blockchain of attacker's wallet and other thefts. |
| March 31st, 2022 11:24:00 PM MDT | 0xGav.eth Reports Hack on Twitter | Twitter user 0xGav.eth reports the Bored Ape Yacht Club Discord is hacked[3]. |
| March 31st, 2022 11:35:00 PM MDT | ZachXBT Reports Breach And Theft | Twitter user ZachXBT reports on the Discord breach and notes that one Mutant Ape Yacht Club NFT has been taken so far. The attacker's address is included in the Tweet[10]. |
| March 31st, 2022 11:45:00 PM MDT | PeckShield Twitter Alert | PeckShield reports that the Bored Ape Yacht Club Discord has been breached and Mutant Ape Yacht Club #8662 has been stolen[11]. TBD more analysis. |
| March 31st, 2022 11:52:00 PM MDT | Bored Ape Yacht Club Twitter Announcement | Bored Ape Yacht Club posts on Twitter to announce that their Discord has been compromised[12]. |
| March 31st, 2022 11:54:00 PM MDT | ZachXBT Similarities Noted | Twitter user ZachXBT reports on the similarities between the Bored Ape Yacht Club Discord post and a new attack on the Doodles Discord post, suspecting that the same group is behind both attacks[13]. |
| March 31st, 2022 11:58:00 PM MDT | Serpent Suspects Captcha Bot | Twitter user Serpent (formerly SerpentAU) reports having inside information from the hackers and that the official "Captcha Bot" is hacked. At this time, it is reported that Bored Ape Yacht Club and Doodle are both hacked. He also warns that many other servers will be hacked[14][15]. |
| April 1st, 2022 12:45:00 AM MDT | The Block Article Published | The Block publishes an article on the situation. This article covers the attack on the Discords of Bored Ape Yacht Club, Mutant Ape Yacht Club, and Mutant Ape Kennel Club. It includes the theft of Bored Ape Yacht Club NFT #8662. This article was modified since publication, or the time is slightly off, as it includes information by Serpent which was reported a minute later[16]. |
| April 1st, 2022 12:46:00 AM MDT | Serpent Reports Ticket Tool Hack | Twitter user Serpent (formerly SerpentAU) makes another post that it's "100% CONFIRMED" that "TICKET TOOL IS HACKED" along with screenshots of an "AUDIT LOG FROM DOODLES & SHAMANZS"[17][18]. |
| April 1st, 2022 12:57:00 AM MDT | Serpent Corrects Past Post | Serpent reports that the "REAL source of the hack is 100% confirmed to be Ticket Tool". He insists that it's also "100% confirmed" "that the owner of Captcha Bot (ImDarkDiamond) was compromised and the source code was stolen"[14]. |
| April 1st, 2022 1:22:00 AM MDT | sv3nsei Reports Multiple Bots Hacked | Twitter user sv3nsei reports a list of hacked Discords (including Bored Ape Yacht Club, Doodles, Kaiju Kingz, Shamanzs, and Zooverse NFT) and a list of hacked Discord bots including Arcane Bot, Captcha Bot, and Ticket Tool Bot[19]. |
| April 1st, 2022 1:34:00 AM MDT | Ticket Tool Posts Tweet | Ticket Tool posts an update Tweet that the problem was a recent update that "had a bug allowing for some type of permission exploit". The developer reported that he "reverted the update to the previous uncompromised version and will be looking into exactly how this happened"[20]. |
| April 1st, 2022 1:39:00 AM MDT | Zrk336 Reports Being Hacked | Twitter user Zrk336 reports being hacked from the exploit and losing his NFT worth 0.8 ETH[21]. |
| April 1st, 2022 2:34:00 AM MDT | FXEmpire Article Published | FXEmpire publishes an article on the Bored Ape Yacht Club and Doodle both being attacked[22]. TBD more information. |
| April 1st, 2022 9:04:34 AM MDT | Crypto News Flash Article Published | Crypto News Flash publishes an article on the Bored Ape Yacht Club exploit. They include two contradictory valuations of the Mutant Ape Yacht Club NFT #8662 at $67,423 USD and 21 ETH worth $68,900 USD. It includes the Tweet by the Bored Ape Yacht Club, a screenshot of the phishing link posted in the Discord channel, and states that Ticket Tool is responsible. The attacks on other NFT projects including Doodles, Shamanzs, and Nyoki are briefly mentioned in closing[23]. |
| April 1st, 2022 12:35:00 PM MDT | Vice News Article Published | Vice News publishes an article on the situation[24], which includes that the Discord channels of platforms including Bored Ape Yacht Club, Nyoki, Shamanz, Doodles, and Kaiju Kingz were all hacked. It provides an excerpt of some of the phishing posts, some basic blockchain analysis, and mention of some other Discord attacks[25]. |
| April 2nd, 2022 9:12:00 AM MDT | Serpent Requesting Code Inspection | Serpent requests to be unbanned from the Ticket Tool Discord and that he be allowed to look at the source code to get more information[26]. His Tweet does not appear to have ever been responded to. |
| April 2nd, 2022 5:23:48 PM MDT | CryptoHubK Article Published | CryptoHubK published a summary of the situation. It is reported that hackers gained access to the Discord of Bored Ape Yacht Club, Mutant Ape Yacht Club, and Mutant Ape Kennel Club. The article included the PeckShield alert. Some information is later included on the Doodle NFT Discord attack, and the suggestion that this was responsible for the loss of Jay Chou's BAYC #3738. The article also includes general information on other Discord hacks, however it appears to incorrectly state the dates as March 1st for other attacks[27]. |
| April 4th, 2022 10:39:11 AM MDT | Tech Radar Article Published | TechRadar publishes an article on the situation[28]. It includes Bored Ape Yacht Club, Nyoki, Shamanz, Doodles, and Kaiju Kingz. An example of the phishing tweet on Bored Ape Yacht Club is provided, as well as the response by Nyoki Club. It gives some background on the NFT minting process, and mentions that all projects were quick to react to the situation. Information about the wallets was also included[29]. |
| April 4th, 2022 10:48:00 AM MDT | Candid Technology Article Published | Candid Technology publishes an article on the situation. The article mentions Bored Ape Yacht Club, Nyoki, and Shamanzs as victims, as well as referencing attacks on Doodles and Kaiju Kingz as reported by ZachXBT. The reactions by platforms Nyoki Club and Bored Ape Yacht Club were included, as well as wallet addresses Fake_Phishing5519 and Fake_Phishing5520 and some of the attempts at mixing the proceeds[30]. |
| April 4th, 2022 | Game News 24 Article Published | Game News 24 publishes an article that "Bored Ape Yacht Club, Nyoki and Shamanz have all tweeted warnings to users that their Twitter bots have been hacked and are advertising new, completely fake NFTs" and that "the link directs users’ crypto to a pair of crypto wallets that have been illegally laundering their ill-gotten gains"[31]. |
| April 8th, 2022 12:11:23 PM MDT | NFTNow Article Published | NFTNow publishes an article on the situation[32]. It mentions Bored Ape Yacht Club, Shamanz, and Nyoki Club as the projects with their Discord channels attacked. Fake NFT links are included, and a specific quote of the announcements for Nyoki Club. Background on the funds, wallets, and some history of Discord attacks is also included in the article[33]. |
| April 25th, 2022 | Another BAYC Exploit | Another Bored Ape Yacht Club exploit with a fake mint link occurs, this time on Instagram[34]. |

Technical Details

"Hackers gained access to the Discord of Bored Ape Yacht Club (BAYC), Mutant Ape Yacht Club (MAYC) and Mutant Ape Kennel Club (MAKC), all three NFT collections owned by Yuga Labs." "[T]he BAYC team confirmed that their Discord servers were compromised."

"Bored Ape Yacht Club's Instagram account and Discord server were both hacked on Monday, with an unofficial "mint" link being sent out to followers."

"A fraudulent "mint" link was sent to followers. Some appear to have taken the bait."

"The hacker posted a fraudulent link to a copycat of the Bored Ape Yacht Club website, where a safeTransferFrom attack asked users to connect their MetaMask to the scammer's wallet in order to participate in a fake Airdrop," a spokesperson told CoinDesk via email. "At 9:53am ET, we alerted our community, removed all links to Instagram from our platforms and attempted to recover the hacked Instagram account."

"The wallets of those who clicked the link have now been compromised, with a series of Bored Apes and Mutant Apes being transferred to new wallets by the hackers."
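The spokesperson's statement above names a safeTransferFrom request. As an added example (not from the original page or from any project it describes), the following Python decodes the calldata of a transaction request and classifies it before signing; it goes beyond the quoted case by also covering approve and setApprovalForAll. The addresses, the calldata and the trusted list are constructed assumptions.

```python
# Added example: classify an ERC-721 transaction request before signing it.
# All addresses and calldata below are constructed for illustration.

# Selectors of the standard ERC-721 calls that move a token or delegate it.
SELECTORS = {
    "a22cb465": ("setApprovalForAll", ("address", "bool")),
    "095ea7b3": ("approve", ("address", "uint256")),
    "23b872dd": ("transferFrom", ("address", "address", "uint256")),
    "42842e0e": ("safeTransferFrom", ("address", "address", "uint256")),
    "b88d4fde": ("safeTransferFrom", ("address", "address", "uint256", "bytes")),
}
ZERO = "0x" + "00" * 20


def decode_call(data_hex):
    """Return (function name, decoded static args) or None if unrecognised."""
    raw = bytes.fromhex(data_hex[2:] if data_hex.startswith("0x") else data_hex)
    entry = SELECTORS.get(raw[:4].hex())
    if entry is None:
        return None
    name, types = entry
    body = raw[4:]
    if len(body) < 32 * len(types):
        raise ValueError("calldata is shorter than the arguments it declares")
    args = []
    for i, typ in enumerate(types):
        chunk = body[32 * i:32 * i + 32]
        if typ == "address":
            args.append("0x" + chunk[12:].hex())  # low 20 bytes of the word
        elif typ == "bool":
            args.append(int.from_bytes(chunk, "big") != 0)
        elif typ == "uint256":
            args.append(int.from_bytes(chunk, "big"))
        # "bytes" is dynamic: its head word is only an offset, so it is skipped
    return name, args


def review(tx, my_address, trusted):
    """Return (verdict, reason) for a request dict holding 'to' and 'data'."""
    me = my_address.lower()
    known = {a.lower() for a in trusted} | {me}
    call = decode_call(tx.get("data", "0x"))
    if call is None:
        return "unknown", "not an ERC-721 transfer or approval; inspect manually"
    name, args = call
    if name == "setApprovalForAll":
        operator, approved = args
        if not approved:
            return "ok", f"revokes operator {operator}"
        if operator in known:
            return "ok", f"approves trusted operator {operator}"
        return "block", f"lets {operator} move every token you hold in {tx['to']}"
    if name == "approve":
        spender, token_id = args
        if spender == ZERO or spender in known:
            return "ok", f"approval for token {token_id} is cleared or trusted"
        return "block", f"lets {spender} move token {token_id}"
    sender, recipient, token_id = args[:3]
    if sender == me and recipient not in known:
        return "block", f"sends token {token_id} from your wallet to {recipient}"
    return "ok", f"{name} does not move your token to an unknown address"


def word(value):
    """ABI-encode one static argument as a 32-byte hex word (sample builder)."""
    if isinstance(value, str):
        return value[2:].rjust(64, "0")
    return format(int(value), "064x")


ME = "0x" + "11" * 20          # constructed wallet address
MARKET = "0x" + "aa" * 20      # constructed operator the user already trusts
STRANGER = "0x" + "ee" * 20    # constructed address supplied by a posted link
COLLECTION = "0x" + "cc" * 20  # constructed NFT contract address

SAMPLES = {
    "link_transfer": "0x42842e0e" + word(ME) + word(STRANGER) + word(1234),
    "link_approval": "0xa22cb465" + word(STRANGER) + word(True),
    "trusted_approval": "0xa22cb465" + word(MARKET) + word(True),
    "revoke": "0xa22cb465" + word(STRANGER) + word(False),
}


def review_samples():
    """Verdict for each constructed request, with MARKET as the only trusted operator."""
    return {label: review({"to": COLLECTION, "data": data}, ME, [MARKET])[0]
            for label, data in SAMPLES.items()}


if __name__ == "__main__":
    for label, verdict in review_samples().items():
        print(f"{label:18} {verdict}")
```
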

Total Amount Lost

The total amount lost has been estimated at $550,000 USD[35].

Losses included Mutant Ape Yacht Club #8662, with a reported value of $67,423 USD[23].

The attacker's wallets reportedly include Fake_Phishing5519[36] and Fake_Phishing5520[37].


"At the time of writing, it is estimated that around 24 Bored Apes and 30 Mutant Apes have been stolen, according to recent OpenSea transfers, although some of these may be holders transferring their non-fungible tokens for security purposes."


"[T]he hackers even managed to steal a valuable Mutant Ape Yacht Club (MAYC) NFT." "According to security firm PeckShield, the hacker successfully posted a phishing link to the discord channel Mutant Ape Kennel Club, disguised as a “disguised” NFT mint and used to steal MAYC artwork number 8662 from one user."


"The value of the 54 NFTs calculated by floor price is $13.7 million. Yuga Labs says the scope of the attack is far smaller."

"Rough estimated losses due to the scam are 4 Bored Apes, 6 Mutant Apes, and 3 BAKC, as well as assorted other NFTs estimated at a total value of ~$3m," the spokesperson said. "We are actively working to establish contact with affected users."

"Rip another person has fallen victim to the verified Twitter BAYC phishing scam. This time Jay Chou a popular music artist in Asia. Over $550k (169 ETH) of NFTs were stolen. Most notably a BAYC, MAYC, & two Doodles."

How much was lost and how was it calculated? If there are conflicting reports, which are accurate and where does the discrepancy lie?

Immediate Reactions

How did the various parties involved (firm, platform, management, and/or affected individual(s)) deal with the events? Were services shut down? Were announcements made? Were groups formed?


"Although the NFTs in the MAYC collection has a floor price of 23.6 ETH ($77.4k), the NFT 8862 had a lower bid to its name of about 21.3 ETH ($69.5k). While reports began appearing early on, it was only after this theft that people started taking this seriously."

Bored Ape Yacht Club Announcement

Bored Ape Yacht Club posted a warning to Twitter[12]. "As of the time of writing, BAYC has only issued a precautionary message for all its Discord members to be wary about the messages that appear on their Discord server by tweeting."

STAY SAFE. Do not mint anything from any Discord right now. A webhook in our Discord was briefly compromised. We caught it immediately but please know: we are not doing any April Fools stealth mints / airdrops etc. Other Discords are also being attacked right now.

"In a tweet, the BAYC team confirmed that their Discord server’s compromise was true, and during the time that it was compromised." "The BAYC team said in its tweet that it had ‘caught’ the issue immediately. Nevertheless, the team cautioned users not to mint any NFT using a link posted on its Discord and reminded observers that it had no plans for any April Fools stealth mints."

SerpentAU Report And Captcha Bot Confusion

Early in the attack, there was confusion as to whether the attack originated from the Captcha Bot, a theory proposed by Twitter user SerpentAU[14]. TBD better source.


"According to Serpent, the Ticket Tool was the real source of the hack."

"The user also stated that according to the inside information received from the hackers, the official Captcha Bot was also hacked and that the source code had been stolen."

"I have received inside information from one of the hackers. THE OFFICIAL CAPTCHA BOT IS HACKED, REMOVE IT FROM YOUR SERVER. BAYC & Doodles have already been hacked within the last 30 minutes but MANY MORE SERVERS WILL BE HACKED."

"This is not 100% confirmed to be the root cause of these hacks but remove it from your servers to stay safe and use a different verification bot."

"I was told that the owner of Captcha Bot (ImDarkDiamond) was compromised and the source code was stolen (This part is 100% confirmed)" "Last I was told, owner of captcha bot was hacked, the source code was stolen and they were going to extort him. The bot doesn't seem compromised currently but I would still stay far away from it. REAL source of the hack is 100% confirmed to be Ticket Tool." "Security researchers said a ticketing tool that checks users and sends out notifications across the channel has been compromised."


Twitter user SerpentAU reports that the official Captcha Bot is hacked and servers should remove it[14][15].

I have received inside information from one of the hackers.

THE OFFICIAL CAPTCHA BOT IS HACKED, REMOVE IT FROM YOUR SERVER

BAYC & Doodles have already been hacked within the last 30 minutes but MANY MORE SERVERS WILL BE HACKED.

This is not 100% confirmed to be the root cause of these hacks but remove it from your servers to stay safe and use a different verification bot.

SerpentAU later follows up his Tweet to confirm that the real source of the hack is the Ticket Tool[14].

I was told that the owner of Captcha Bot (ImDarkDiamond) was compromised and the source code was stolen (This part is 100% confirmed)

Last I was told, owner of captcha bot was hacked, the source code was stolen and they were going to extort him. The bot doesn't seem compromised currently but I would still stay far away from it.

REAL source of the hack is 100% confirmed to be Ticket Tool

Peckshield

[11] TBD

Victim Reactions on Twitter

Twitter user Zrk336 reported on being hacked and losing 0.8 ETH[21].

I just be hacked and the guy just transfer my NFT on a New account. I losed 0.8ETH. That was all [I] ha[d]. They don[']t care how it can be hard for the victim. I[']m really sad[.]

"Got scammed for 0.45 eth on namesake of bored ape. My call my loss, thanks for keeping people safe out there."

"I always wanted ape. I tried it was my 1st ever trying to buy anything Open Sea, Discord. Lost all funds in meta mask wallet. Just wanted to be a part of something. Positive part about it I was able to purchase 11 coins."

Ultimate Outcome

What was the end result? Was any investigation done? Were any individuals prosecuted? Was there a lawsuit? Was any tracing done?

Total Amount Recovered

There do not appear to have been any funds recovered in this case.

What funds were recovered? What funds were reimbursed for those affected users?

Ongoing Developments

What parts of this case are still remaining to be concluded?

Individual Prevention Policies

Be extremely cautious of any links posted on Discord, given the repeated breaches of official accounts using the platform. Always check any communication against multiple official sources of a project before proceeding.

Any time that you are promised any profit or benefit in exchange for an initial payment, smart contract approval, or deposit, take special care to check whether the entity making that offer is trustworthy, is actually who they say they are, and has the means to fulfill what they're promising. There are no magic algorithms providing guaranteed returns from trading or mining. Trading on average will lose money. Mining is expensive and complex. No one is going to immediately send back more than you sent them. NFT projects will rarely announce a surprise mint in only a single location. Are you fully prepared for the event that your money is kept and nothing is delivered in return?

Store the majority of funds offline. Offline means that the private key and/or seed phrase is exclusively held by you and not connected to any networked device. Examples of offline storage include paper wallets (seed phrase or key written down and deleted from all electronic media), hardware wallets, steel wallet devices, etc.

For the full list of how to protect your funds as an individual, check our Prevention Policies for Individuals guide.

Platform Prevention Policies

Platforms should be extremely cautious regarding the permissions which are granted via Discord, and limit the access levels to critical functionality. Discord should improve their security and offer multi-signature permissions for key functions. Ideally, public groups should be managed from an exclusive account which isn't used for anything else.

Ideally, performing key actions such as banning moderators or posting global announcements would be set up such that multiple approvals are required. In this way, it would be much more challenging to breach, particularly when combined with security training.
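One way to check the access levels discussed above, as an added example that is not from the original page, Discord or Ticket Tool: the Python below computes each bot's effective permissions in a channel using Discord's documented order (role permissions, then channel overwrites) and lists the ones that allow reaching every reader. The permission bit values are Discord's; the guild, role IDs and bot names are constructed, and the page does not document which permissions Ticket Tool actually held.

```python
# Added example: compute each bot's effective permissions in one channel.
# The guild layout, IDs and bot names are constructed for illustration.

ADMINISTRATOR = 1 << 3
VIEW_CHANNEL = 1 << 10
SEND_MESSAGES = 1 << 11
MENTION_EVERYONE = 1 << 17
MANAGE_ROLES = 1 << 28      # shown as "Manage Permissions" on a channel
MANAGE_WEBHOOKS = 1 << 29

# Permissions that let whoever controls the account reach every reader of
# the channel, directly, through a webhook, or through a permission change.
RISKY = {
    "ADMINISTRATOR": ADMINISTRATOR,
    "SEND_MESSAGES": SEND_MESSAGES,
    "MENTION_EVERYONE": MENTION_EVERYONE,
    "MANAGE_ROLES": MANAGE_ROLES,
    "MANAGE_WEBHOOKS": MANAGE_WEBHOOKS,
}
ALL_TRACKED = VIEW_CHANNEL
for _bit in RISKY.values():
    ALL_TRACKED |= _bit


def effective_permissions(guild, member, channel):
    """Apply role permissions, then @everyone, role and member overwrites."""
    roles = guild["roles"]
    everyone = guild["everyone_role"]
    perms = roles[everyone]
    for role_id in member["roles"]:
        perms |= roles[role_id]
    if perms & ADMINISTRATOR:
        return ALL_TRACKED               # administrators bypass every overwrite
    overwrites = channel["overwrites"]   # id -> (allow, deny)
    allow, deny = overwrites.get(everyone, (0, 0))
    perms = (perms & ~deny) | allow
    allow = deny = 0
    for role_id in member["roles"]:      # role overwrites are merged, deny first
        role_allow, role_deny = overwrites.get(role_id, (0, 0))
        allow |= role_allow
        deny |= role_deny
    perms = (perms & ~deny) | allow
    allow, deny = overwrites.get(member["id"], (0, 0))
    return (perms & ~deny) | allow


def audit_channel(guild, channel_name):
    """Map each bot name to the risky permissions it holds in the channel."""
    channel = guild["channels"][channel_name]
    report = {}
    for bot in guild["bots"]:
        perms = effective_permissions(guild, bot, channel)
        report[bot["name"]] = sorted(n for n, bit in RISKY.items() if perms & bit)
    return report


GUILD = {  # constructed sample data
    "everyone_role": "100",
    "roles": {
        "100": VIEW_CHANNEL | SEND_MESSAGES,                     # @everyone
        "201": SEND_MESSAGES | MENTION_EVERYONE | MANAGE_ROLES | MANAGE_WEBHOOKS,
        "202": SEND_MESSAGES,
        "203": ADMINISTRATOR,
    },
    "bots": [
        {"id": "9001", "name": "ticket-helper", "roles": ["201"]},
        {"id": "9002", "name": "verify-gate", "roles": ["202"]},
        {"id": "9003", "name": "util-bot", "roles": ["203"]},
    ],
    "channels": {
        # Posting is denied to @everyone, which looks locked down, but the
        # deny list does not cover webhook or permission management.
        "announcements": {"overwrites": {
            "100": (0, SEND_MESSAGES | MENTION_EVERYONE),
        }},
        "support-tickets": {"overwrites": {}},
    },
}

if __name__ == "__main__":
    for name, flags in audit_channel(GUILD, "announcements").items():
        print(f"{name:14} {', '.join(flags) or 'no risky permissions'}")
```

In the constructed data, the ticket bot cannot send a message in the announcement channel, yet it keeps MANAGE_WEBHOOKS and MANAGE_ROLES there, so the read-only overwrite alone does not limit what that bot's account can do.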

All aspects of any platform should undergo a regular validation/inspection by experts. This validation should include a security audit of any smart contracts, reporting any risks to the backing of any customer assets, ensuring treasuries or minting functions are properly secured under the control of a multi-signature wallet, and finding any inadequacies in the level of training or integrity of the team. The recommended interval is twice prior to launch or significant system upgrade, once after 3 months, and every 6 months thereafter. It is recommended that the third party performing the inspection not be repeated within a 14 month period.

All wallets, minting functions, and critical infrastructure should be implemented with a multi-signature requirement, with a recommended minimum of 3 signatures required. This means that making important changes or approving spending will require the keys held by at least 3 separate individuals within the organization to approve. The multi-signature should be implemented at the lowest layer possible, all key holders should have security training, and all key holders should be empowered and encouraged to exercise diligence.

Never take for granted the limited knowledge of users of your service and their tendency to skip past provided information. It is recommended to design a simple tutorial and quiz for new users which explains the basics of seed phrases, strong password generation, secure two-factor authentication, common fraud schemes, how ponzi schemes work, as well as other risks which are unique to the cryptocurrency space. This tutorial and quiz should ensure their understanding and be a standard part of the sign-up or download process which is difficult or impossible to skip.

Work with other industry platforms to set up a multi-signature wallet with private keys held separately by delegate signatories from seven prominent platforms and services within the industry. Establish requirements for contributions by all platforms and services, designed to be affordable for small platforms yet large enough to cover anticipated breach events. Any breach event can be brought forth by a member platform or a petition of 100 signatures for consideration by the delegate signatories. A vote of 4 or more delegate signatures is required to release any funds, which could partially or fully restore lost funds based on their assessment.

For the full list of how to protect your funds as a financial service, check our Prevention Policies for Platforms guide.

Regulatory Prevention Policies

Training platform operators can help avoid incidents such as these, and requiring the approval of two separate security sign-offs prior to a project's launch would likely catch any weak security practices.

All platforms should undergo published security and risk assessments by independent third parties. Two assessments are required at founding or major upgrade, one after 3 months, and one every 6 months thereafter. The same third party must not be repeated within a 14 month period. A risk assessment needs to include what assets back customer deposits and the risk of default from any third parties being lent to. The security assessment must include ensuring a proper multi-signature wallet, and that all signatories are properly trained. Assessments must be performed on social media, databases, and DNS security.

Create a standard tutorial and quiz for all new cryptocurrency participants, which is required to be completed once per participant. This tutorial and quiz should cover the basics of proper seed phrase protection, strong password generation, secure two-factor authentication, common fraud schemes, how to detect and guard against phishing attacks, how ponzi schemes work, as well as other risks which are unique to the cryptocurrency space.

Set up a multi-signature wallet with private keys held separately by delegate signatories from seven prominent platforms and services within the industry. Establish requirements for contributions by all platforms and services within the country, designed to be affordable for small platforms yet large enough to cover anticipated breach events. Any breach event can be brought forth by a member platform or a petition of 100 signatures for consideration by the delegate signatories. A vote of 4 or more delegate signatures is required to release any funds, which could partially or fully restore lost funds based on their assessment.

For the full list of regulatory policies that can prevent loss, check our Prevention Policies for Regulators guide.

References

  1. Bored Ape Yacht Club - OpenSea (Jun 19, 2022)
  2. Bored Ape Yacht Club Homepage (Jun 19, 2022)
  3. 0xGav - "BAYC Discord hacked" - Twitter (Jun 19, 2022)
  4. Fake_Phishing5517 Account - Etherscan (Jun 20, 2022)
  5. zachxbt - "Rip another person has fallen victim to the verified Twitter BAYC phishing scam. This time Jay Chou a popular music artist in Asia." - Twitter (Jun 20, 2022)
  6. WuBlockchain - "Chinese singer Jay Chou's BAYC #3738 was stolen from a phishing site and is currently for sale on Looksrare." - Twitter (Jun 19, 2022)
  7. Bored Ape Yacht Club (BAYC) officially confirmed the project's Discord channel has been hacked - CryptoHubK (Jun 19, 2022)
  8. Transaction Sending 0.1 ETH To The Attacker's Wallet - Etherscan (Jun 19, 2022)
  9. Mutant Ape Yacht Club #8662 Transfer To Thief - Etherscan (Apr 19, 2023)
  10. zachxbt - "BAYC Discord has been hacked & so far 1 MAYC has been stolen." - Twitter (Jun 19, 2022)
  11. PeckShieldAlert - "#PeckShieldAlert @BoredApeYC Discord compromised, MutantApeYachtClub #8662 has been stolen." - Twitter (Jun 19, 2022)
  12. BoredApeYC - "STAY SAFE. Do not mint anything from any Discord right now. A webhook in our Discord was briefly compromised." - Twitter (Jun 19, 2022)
  13. zachxbt - "Both of the phishing sites are very similar. It has to be the same group behind Doodles & BAYC." - Twitter (Jun 19, 2022)
  14. SerpentAU - "BAYC & Doodles have already been hacked within the last 30 minutes but MANY MORE SERVERS WILL BE HACKED." - Twitter (Jun 19, 2022)
  15. MasonBeingMason - "april fools lul" - Twitter Archive April 1st, 2022 12:00:02 AM MDT (Apr 19, 2023)
  16. Bored Ape Yacht Club confirms its Discord was hacked - The Block (Jun 20, 2022)
  17. Serpent - "TICKET TOOL IS HACKED" - Twitter (Apr 19, 2023)
  18. SerpentAU - "TICKET TOOL IS HACKED" - Twitter Archive April 1st, 2022 1:19:05 AM MDT (Apr 19, 2023)
  19. sv3nsei - "LIST OF HACKED DISCORDS: @BoredApeYC @doodles @KaijuKingz @shamanzs @Zooversenft LIST OF HACKED BOTS: - Arcane bot - Captcha bot - Ticket tool bot" - Twitter (Jul 17, 2022)
  20. Ticket_Tool - "A recent update I made to the add command had a bug allowing for some type of permission exploit.." - Twitter (Jul 17, 2022)
  21. Zrk336 - "I just be hacked and the guy just transfer my NFT on a New account. I losed 0.8ETH. That was all [I] have. They don[']t care how it can be hard for the victim. I[']m really sad." - Twitter (Jun 19, 2022)
  22. Not an April Fools Joke! BAYC Confirms Its Discord Was Compromised - FXEmpire (Jun 19, 2022)
  23. Beware of April Fools stealth airdrops warns Bored Ape as discord hacked - Crypto News Flash (Jun 20, 2022)
  24. Bored Ape Yacht Club, Other Major NFT Project Discords Hacked by Scammers - Vice News Archive April 1st, 2022 12:40:01 PM MDT (Apr 21, 2023)
  25. Bored Ape Yacht Club, Other Major NFT Project Discords Hacked by Scammers - Vice (Jul 17, 2022)
  26. Serpent - "can you unban me from the discord? ... I would like to look at the code to see what happened." - Twitter (Apr 21, 2023)
  27. Bored Ape Yacht Club (BAYC) officially confirmed the project's Discord channel has been hacked - CryptoHubK (Jun 19, 2022)
  28. Several huge NFT Discords hacked by scam attacks - TechRadar Archive April 4th, 2022 9:39:11 PM MDT (Apr 21, 2023)
  29. Several huge NFT Discords hacked by scam attacks - TechRadar (Jul 17, 2022)
  30. BAYC, Nyoki, Shamanz and other NFT projects suffer Discord hack - Candid Technology (Jul 17, 2022)
  31. The NFT Discord Channels are Attacked By Hackers, who seek to gain traction in Cryptocurrency - Game News 24 (Jul 16, 2022)
  32. Warning: Hackers Are Targeting Discord Bots to Rob Nft Users - NFTNow Archive April 8th, 2022 12:11:23 PM MDT (Apr 21, 2023)
  33. Warning: Hackers Are Targeting Discord Bots to Rob NFT Users - NFTNow (Jul 16, 2022)
  34. NFTs Stolen After Bored Ape Yacht Club Instagram, Discord Hacked - CoinDesk (Jun 19, 2022)
  35. Ethereum Historical Price Data - CoinMarketCap (Dec 21, 2021)
  36. Fake_Phishing5519 Wallet - Etherscan (Jun 20, 2022)
  37. Fake_Phishing5520 Wallet - Etherscan (Jul 13, 2022)
