Hackers target top NFT Discord bots to rob users of their cryptocurrency

A sad robot in Discord's logo illustration style, whose face is displaying an Ethereum symbol.
(Image credit: Discord)

A number of top NFT outfits have been the target of a barrage of recent cyberattacks, where hackers took over the channels' bots to make use of phishing tactics, in order to convince users to mint fake NFTs.

Bored Ape Yacht Club (BAYC), Nyoki, and Shamanz have all tweeted about the incident, confirming their Discords were hit, and blockchain investigator Zachxbt posted screenshots as proof that both the Doodles and Kaiju Kingz NFT projects have also been targeted.

Vice reports that the tactics used included tricking people into clicking a link, so they could mint a non-existent NFT. The hackers came in asking for ethereum, or an NFT wrapped into a token and appear to have been successful in a few instances.

“Oh no, our dogs are mutating," one hacked bot announced. "MAKC can be staked for our $APE token. Holders of MAYC + BAYC will be able to claim exclusive rewards just by simply minting and holding our mutant dogs." Alas, there were no mutant dog NFTs to be found, only pain and suffering.

The attempts have been traced back to a couple of cryptocurrency wallets now, on Etherscan—a blockchain explorer that can warn you of potential scams—these are labeled Fake_Phishing5519 and Fake_Phishing5520.

Among the swag, a Yuga Labs BAYC spinoff NFT was sold for 20 ethereum (~$69,000), the majority of which was swiftly transferred from the 5519 wallet, to the one marked 5520. 61 ETH ($211,000) then went through Tornado Cash, a site that essentially "improves the privacy of transactions by breaking the on-chain link between a source and a destination address."

Your next upgrade

(Image credit: Future)

Best CPU for gaming: The top chips from Intel and AMD
Best gaming motherboard: The right boards
Best graphics card: Your perfect pixel-pusher awaits
Best SSD for gaming: Get into the game ahead of the rest

All we know is the latter wallet then moved some money to a wallet containing 1,447 ETH ($5 million). That's quite the hoard, and finding the culprit is going to be nigh impossible, what with all the levels of anonymity crypto-trading comes along with.

I guess this should serve as another warning of the dangers of trading NFTs. It's clear many are under the impression NFTs are a scam in and of themselves, and with the likelihood of NFTs pervading the gaming space in 2022, we're going to be seeing a lot more scams like these appearing. Stay vigilant. 

Crypto never sleeps, and neither do hackers.

Katie Wickens
Hardware Writer

Screw sports, Katie would rather watch Intel, AMD and Nvidia go at it. Having been obsessed with computers and graphics for three long decades, she took Game Art and Design up to Masters level at uni, and has been demystifying tech and science—rather sarcastically—for three years since. She can be found admiring AI advancements, scrambling for scintillating Raspberry Pi projects, preaching cybersecurity awareness, sighing over semiconductors, and gawping at the latest GPU upgrades. She's been heading the PCG Steam Deck content hike, while waiting patiently for her chance to upload her consciousness into the cloud.