Bored Apes Creator Warns of Threat Group Targeting NFT Communities

Attackers have targeted wallets hosting several high-profile NFT collections in the past few months.

AccessTimeIconJul 19, 2022 at 2:27 p.m. UTC
Updated May 11, 2023 at 5:24 p.m. UTC
10 Years of Decentralizing the Future
May 29-31, 2024 - Austin, TexasThe biggest and most established global event for everything crypto, blockchain and Web3.Register Now

Yuga Labs, the development studio behind popular non-fungible tokens (NFT) collections such as the Bored Apes Yacht Club, warned in a tweet Monday of a group of attackers targeting the NFT community.

“Our security team has been tracking a persistent threat group that targets the NFT community,” Yuga developers tweeted. “We believe that they may soon be launching a coordinated attack targeting multiple communities via compromised social media accounts.”

Yuga Labs did not respond to requests asking for more specific information at writing time. However, the warning came as millions of dollars worth of NFT exploits have occurred in the past few months.

The past weekend saw over $375,000 worth of ether (ETH) and 314 NFTs stolen from Premint NFT, a popular NFT platform. An investigation by security firm CertiK revealed the threat actors planted a malicious JavaScript code on the premint.xyz website. The script was designed to instruct users to “set approvals for all” when connecting their wallets to the site, which allowed attackers to access all assets in the user’s wallets.

“While the malicious file is no longer available due to the Domain Name Server no longer existing, the effects of the attack are visible on-chain," read a statement from CertiK at the time. "In total, six externally owned accounts (EOA) are directly associated with the attack, with approximately 275 ETH stolen (~$375K).

The firm added that attackers “exploit the centralization issues and single-points of failure” that come with crypto projects relying on centralized internet infrastructures. “Hacks of this kind are becoming increasingly popular,” CertiK said. “There has been a marked increase in attackers targeting other official accounts such as social media platforms to conduct exploits.”

The Premint attack came nearly a week after attackers stole over $1.4 million worth of ether from Omni Protocol, an NFT platform that allows users to take loans against their NFTs.

That followed a May attack when users of NFT marketplace OpenSea received false promotional messages on the project’s Discord channel, which led community members to a fake site that ultimately drained user wallets after clicking on a malicious link.

In April, the Bored Apes’ Instagram account and Discord server were exploited with an unofficial "mint" link sent out to followers. The fraudulent link claimed that users could mint "land" in the then-upcoming OthersideMeta, as previously reported.

In a separate April incident, attackers exploited a now-fixed design flaw in the Rarible NFT marketplace to steal a Bored Ape NFT from Taiwanese singer and actor Jay Chou and sell it for over $500,000.

Disclosure

Please note that our privacy policy, terms of use, cookies, and do not sell my personal information has been updated.

CoinDesk is an award-winning media outlet that covers the cryptocurrency industry. Its journalists abide by a strict set of editorial policies. In November 2023, CoinDesk was acquired by the Bullish group, owner of Bullish, a regulated, digital assets exchange. The Bullish group is majority-owned by Block.one; both companies have interests in a variety of blockchain and digital asset businesses and significant holdings of digital assets, including bitcoin. CoinDesk operates as an independent subsidiary with an editorial committee to protect journalistic independence. CoinDesk employees, including journalists, may receive options in the Bullish group as part of their compensation.

Shaurya Malwa

Shaurya is the Deputy Managing Editor for the Data & Tokens team, focusing on decentralized finance, markets, on-chain data, and governance across all major and minor blockchains.


Learn more about Consensus 2024, CoinDesk's longest-running and most influential event that brings together all sides of crypto, blockchain and Web3. Head to consensus.coindesk.com to register and buy your pass now.