Yuga Labs has confirmed the Bored Ape Yacht Club (BAYC) Discord server was hacked over the weekend, with the attacker taking 200 ETH, over $360,000, worth of non-fungible tokens (NFTs).
The hack occurred after the project’s community manager had his Discord account compromised. The hacker used the account to post phishing links in Discord channels of the official BAYC and its related metaverse project, called Otherside.
Twitter user NFTherder, who first spotted the hack, estimates 145 ETH, worth around $260,000, was stolen along with the NFTs. Yuga Labs, 11 hours after NFTherder reported on the hack, confirmed the exploit occurred and said it was still actively investigating it.
The incident marks the third time a malicious actor was able to impersonate a Yuga Labs-run account to steal users’ assets. The first was on April 1, when Mutant Ape Yacht Club #8662 was stolen through a phishing link posted on the project’s Discord server, while the second came on April 25, after the BAYC Instagram and Discord accounts posted a phishing link.