Beware: Phishing links from community moderators
CertiK
2022-06-06 07:13
A phishing link was posted on the Bored Ape Yacht Club's Discord community.

Phishing details

On June 4, 2022, @BorisVagner ("BorisVagner | SBS" on Discord) posted a link to a phishing site on BAYC's Discord. It looks like the community admin's Discord account was hacked, but there is no official word to confirm the breach.

Stolen assets

The external account (eth:0x1079061D37f7F3FD3295E4aAd02EcE4a3f20DE2d) was connected to the phishing site, and the first stolen NFT arrived at this wallet at 16:04:52. The wallet began selling the stolen NFTs in the next 20 minutes or so.

So far, around 32 NFTs have been stolen through this link. These include at least 1 BAYC, 2 MAYC, 5 Otherdeeds, and 1 BAKC.

The stolen 143.7 ETH (worth approximately $253,397) was sent to two other external accounts. These two accounts then deposited 100 ETH and 42 ETH into Tornado Cash at 17:24:47 and 17:25:08, respectively.

In addition, at 18:27:35, the external account (eth: 0x2917B397625c7ba551A75d51b69079fD6b2C12E3) redeemed 99.5 ETH from Tornado and sent 20.5 ETH to Tornado Cash. The external account sent another 66 ETH to the external account (0x5bC1792E002447eAf18Dd3e7cf231B01299f6d8a), which may be related to the previous phishing scam.

CertiK recommends that everyone, when encountering giveaways or similar promotional offers, verify the activity through multiple channels and be careful about clicking links from unknown sources. Even if the poster is verified, the poster's account may have been stolen. (For example, in 2020 a large number of Twitter accounts were hacked: the accounts of Bill Gates, Bezos, and Buffett, as well as that of a former president of the United States, were stolen and used to post "Double Money Back" posts.)
