The Blame Game Begins as Bored Apes Co-Founder Criticized for Blaming Discord Following Another NFT Exploit
A co-founder of the popular Bored Ape Yacht Club (BAYC) NFT collection faced a backlash for blaming the Discord messaging platform after ETH 200 (USD 378,000) worth of digital assets were snatched in an exploit.
On Saturday, Gordon Goner wrote on Twitter that Discord “isn’t working for Web3 communities” after the project’s Discord server was hacked. “We need a better platform that puts security first,” he added.https://www.twitter.com/satsdart/status/1533194663728975874
However, some observers were quick to lash out at Goner for blaming the instant messaging social media platform.
“Don’t blame Discord for users getting socially engineered, having [direct messages] open and clicking phishing links,” said pseudonymous NFT analyst OKHotshot. “Use the tool correctly first before blaming it.”
People are definitely responsible for there own wallet. In the case it’s the Founders/Team being negligent after being in the space for over a year.— Nonce(0) (@Nonce0) June 4, 2022
Discord security developer Captain Plantain also said phishing attacks will happen no matter what platform you choose, suggesting that the team should take the time and set up a “multilayer security” in order to prevent such incidents from happening again in the future.https://www.twitter.com/mr52pickup/status/1533202911466954752
Nevertheless, the hack took place after attackers managed to post phishing links in both the official BAYC and its related metaverse project called Otherside’s Discord channels after compromising the account of Boris Vagner, the project’s community manager.
Yuga Labs, the company behind BAYC, later confirmed the exploit, saying that around ETH 200 “worth of NFTs appear to have been impacted.”
Notably, this is at least the third time a bad actor has been able to compromise the social accounts of Bored Ape to steal users’ funds over the past two months.
In early April, the team announced that a “webhook in our Discord” was compromised, asking users not to mint anything. On April 25, the project’s Instagram account and Discord server were once again hacked.
– Hacker Used ‘Social Media Data Leak’ to Steal USD 660K in Crypto from 90 Victims – Police
– NFT Self Defense: Staying Safe in Web3
– For His First NFT, Jim Carrey Skips Punks, Apes & Goblins – Goes for ‘Nature’s Relentless Reinvention’
– Goblin Town Surges as Blue-Chip NFT Collections Take a Hit in May