Meta Digest

Discord Hack Leads to Bored Ape Yacht Club’s Second Hack in Over Three Months

Bored Ape Yacht Club’

The Bored Ape Yacht Club was compromised again last Saturday, not two months after their Instagram account was hacked. Back then, the popular club’s NFTs were stolen and worth an estimated $2.4 to 2.8 million dollars.

This time around, however, the theft wasn’t nearly as significant. The hackers only managed to steal around 200 ETH or $360k worth of NFTs according to reports from blockchain security firm PeckShield which also mentioned one BAYC and two Mutant Ape tokens among other valuables taken during this scampering episode.

This particular heist didn’t have much consequence compared with some previous ones we’ve seen recently but it still left its victims feeling robbed.

The Discord account of the Bored Ape Yacht Club’s community manager was hacked, after which they were sent fake links in their messages. The thief posted these phishing links with login credentials for both Bay Area interested parties as well as the Otherside metaverse project.

The first person to notice this unfortunate situation was NFTherder, who traced the stolen funds and found them in four separate wallets containing an estimated 145 ETH or $260 thousand dollars’ worth of Ethereum.

The team behind NFT collection confirmed the hack through the official Bored Apes Yacht Club Twitter account

“Our Discord servers were briefly exploited today. The team caught and addressed it quickly,” they tweeted. “About 200 ETH worth of NFTs appear to have been impacted. We are still investigating, but you were impacted, email us at”

Gordon Goner, one of the NFT co-founders, expressed his frustration with Discord after it was exploited. He talked about how this messaging platform popular among crypto communities “isn’t working for Web3 communities.”

“We need a better platform that puts security first,” Goner tweeted.

There were those who agreed with him and others blaming the BAYC Discord users for what happened.

“Don’t blame Discord for users getting socially engineered, having DMs open and clicking phishing links,” replied analyst OKHotshot. “Use the tool correctly first before blaming it.”

Twitter user and OpenAvatar NFT founder Cory.eth replied, “You just need to use the technology better. Hit me up if you want an audit or implementation.”

Opinions expressed by Meta Digest contributors are their own.