Protect Your Boring Ape Web3 Another Phishing Attack Happened

On June 5, 2022, the public opinion monitoring of Chengdu Lian’an Chain Bing-Blockchain Security Situational Awareness Platform showed that the Discord community of Bored Ape Yacht Club was attacked by hackers , and the hackers made a profit of about 142 ETH. The Chengdu Lianan security team analyzed the incident for the first time, and the results are as follows.

Protect Your Boring Ape Web3 Another Phishing Attack Happened

Protect Your Boring Ape Web3 Another Phishing Attack Happened

#1 Event related information

Domestic and foreign stars such as Madonna, Stephen Curry, Jay Chou, Lin Junjie, etc. have all started the “Boring Ape” series of NFTs. In January, soccer star Neymar announced the purchase of two “Boring Apes” NFTs for over $1 million. Recently, phishing attacks on NFTs have gradually increased. For example, on April Fool’s Day, Jay Chou’s Boring Ape suffered a phishing attack.

In the web3 world, phishing is mainly achieved through a series of means such as twitter, discord, website forgery, etc., usually accompanied by social engineering attacks such as spoofing, online chat, baiting, equivalent exchange, and compassion in the process (see Wiki for details). Wikipedia: Social Engineering), making it hard to guard against.

On June 5, BAYC stated on its official Twitter that its Discord server was briefly attacked today. The team quickly discovered and resolved the problem, but NFTs worth about 200 ETH were still affected. The team is currently investigating and recommending Affected users emailed the official contact.

Protect Your Boring Ape Web3 Another Phishing Attack Happened

#2 The attack process of this incident

attacker address

0x1079061D37f7F3FD3295E4aAd02EcE4a3f20DE2d

In the first step, the attacker posts a link to the phishing website to the official community.

In the second step, the attacker obtained 32 NFTs through the phishing website, including 2 BAYCs.

Protect Your Boring Ape Web3 Another Phishing Attack Happened

Protect Your Boring Ape Web3 Another Phishing Attack Happened

Protect Your Boring Ape Web3 Another Phishing Attack Happened

In the third step, the attacker sells the NFT obtained by phishing and sends 142 ETH to Tornado.cash through an external address.

Protect Your Boring Ape Web3 Another Phishing Attack Happened

Protect Your Boring Ape Web3 Another Phishing Attack Happened

Protect Your Boring Ape Web3 Another Phishing Attack Happened

#3  Fund Tracking

As of the time of writing, the attacker’s address has transferred 154 (about $275,944.9) ETH, of which 142 (about $254,442.7) ETH entered Tornado.cash.

#4  Summary

Recently, there have been more and more cases of official discord being attacked. After analysis by the Chengdu Chain Security team, the reasons may be as follows:

  • Project employees suffered from phishing attacks, resulting in account theft;
  • The project party downloads malicious software, resulting in account theft;
  • The project party did not set up two-factor authentication and used weak passwords, resulting in account theft;
  • The project party suffered a phishing attack and added malicious bookmarks to bypass the browser’s same-origin policy, resulting in the theft of the project party’s Discord token.

Anti-fraud skills

1 As a project party, you should adopt the officially recommended security operations such as using two-factor authentication and setting strong passwords to protect accounts; project parties should be vigilant against various traditional network attacks and social engineering attacks against themselves, avoid downloading malware, and avoid accessing phishing website. 
2 As a web3 user, you should first have the awareness that official discord accounts are being stolen more and more frequently, and official news may also be phishing information. Official does not mean absolute security. In addition, you need to be cautious wherever you need your own authorization or transaction, and try to cross-confirm information from multiple channels. 

Protect Your Boring Ape Web3 Another Phishing Attack Happened

Nowadays, with the continued popularity of web3, there are endless ways of phishing scams. Users should keep in mind the above anti-fraud techniques and do their best to ensure that they are not scammed by phishing. But if you have been scammed, you can take the following measures to remedy as much as possible:

– Immediately carry out asset isolation and transfer remaining assets to a safe location as soon as possible to avoid greater losses;

– Proactively issue a statement to inform everyone about the stolen account to avoid endangering friends and the community;

– Keep the evidence as much as possible and seek the project party or institution for follow-up processing;

– You can seek a professional security company for fund tracking, such as Chengdu Lianan.

Finally, it is recommended to record and share the experience of being deceived and share with everyone. Anti-phishing and anti-fraud requires everyone’s attention and participation.

Posted by:CoinYuppie,Reprinted with attribution to:https://coinyuppie.com/protect-your-boring-ape-web3-another-phishing-attack-happened/
Coinyuppie is an open information publishing platform, all information provided is not related to the views and positions of coinyuppie, and does not constitute any investment and financial advice. Users are expected to carefully screen and prevent risks.

Like (0)
Donate Buy me a coffee Buy me a coffee
Previous 2022-06-05 10:02
Next 2022-06-05 10:03

Related articles