Global Crypto Market

  • Market Cap: $1,113,692,195,402.90
  • 24h Vol: $85,051,683,769.18
  • BTC Dominance: 39.36%

Ethereum and NFTs stolen in hack of Yuga Labs Discord server – SiliconANGLE News




UPDATED 20:17 EDT / JUNE 05 2022
by Duncan Riley
Hackers have stolen cryptocurrency and nonfungible tokens after compromising a Discord server run by Yuga Labs Inc., the creator of leading NFTs such as the Bored Ape Yacht Club.
The successful attack involved the compromise of an account belonging to Yuga Labs Community and Social Manager Boris Vagner. With access to Vagner’s account, those behind the attack posted phishing links in both the official BAYC and the Otherside Discord channels.
The phishing messages, pretending to be from Vagner, promised an exclusive giveaway with a message that only those holding BAYC, Mutant Ape Yacht Club and Otherside NFTs could participate. The holders were then sent to a phishing site that asked users to enter their login details. Once the login details were handed over, the attackers then stole all Ethereum and NFTs held in the account’s linked wallet. Access to the Discord server was eventually returned to Yuga Labs but not before the damage was done.
Bleeping Computer reported Saturday that those behind the attack stole an estimated 145 Ethereum worth approximately $250,000 and 32 NFTs. The official Twitter account of BAYC states that the stolen NFTs were worth around 200 ETH ($361,000). NFTs allow users to create and verify the ownership of virtual items by recording their sales and trades on blockchains.
Despite what appears to be a lapse in staff security, the Discord wasn’t randomly compromised. Gordon Goner, one of the founders of BAYC, blamed Discord for the compromise.
Discord isn’t working for web3 communities. We need a better platform that puts security first.
— GordonGoner.eth (@GordonGoner) June 4, 2022

This isn’t the first time a Yuga Labs account has been compromised. In a nearly identical attack, hackers obtained access to the BAYC Instagram account in April and then sent out phishing messages with malicious links. NFTs valued at about $3 million was stolen.
In the Instagram case, Yuga Labs claimed two-factor authentication was enabled and the security practices surrounding the Instagram account were tight. The question is still raised: How did hackers get access to first the Instagram account and then Discord servers?
Security does not seem to be at the forefront of the company’s practices, but it’s not as if it can’t afford it. Yuga Labs last raised $450 million in funding on a $4 billion valuation in March.
Click here to join the free and open Startup Showcase event.
We really want to hear from you, and we’re looking forward to seeing you at the event and in theCUBE Club.
Click here to join the free and open Startup Showcase event.
Elon Musk says Twitter in ‘clear material breach’ of acquisition agreement
Nvidia TAO Toolkit update aims to simplify deep learning model development
New Qualys VMDR 2.0 delivers insights into risk posture
Corporate learning startup Go1 raises $100M+ in fresh funding
XPO Logistics taps Google Cloud to build faster, more efficient supply chains
CrowdStrike announces new products, adds new CrowdXDR Alliance members
Elon Musk says Twitter in ‘clear material breach’ of acquisition agreement
APPS – BY MARIA DEUTSCHER . 5 MINS AGO
Nvidia TAO Toolkit update aims to simplify deep learning model development
AI – BY MIKE WHEATLEY . 4 HOURS AGO
New Qualys VMDR 2.0 delivers insights into risk posture
SECURITY – BY DUNCAN RILEY . 4 HOURS AGO
Corporate learning startup Go1 raises $100M+ in fresh funding
CLOUD – BY MARIA DEUTSCHER . 4 HOURS AGO
XPO Logistics taps Google Cloud to build faster, more efficient supply chains
CLOUD – BY MIKE WHEATLEY . 4 HOURS AGO
CrowdStrike announces new products, adds new CrowdXDR Alliance members
SECURITY – BY DUNCAN RILEY . 5 HOURS AGO
Forgot Password?
Like Free Content? Subscribe to follow.

source


Leave a Comment

Your email address will not be published.