On March 16, an unknown actor, in a phishing attack on the Discord of the Rare Bears NFT project, gained access to the 179 tokens belonging to holders. The damage amounted to 286 ETH (about $790,000).
🚨 Warning 🚨@BearsRare
Discord has unfortunately been compromised. Please DO NOT click any links, connect your wallet and block all incoming DMs in our discord. Our team are working on the situation as we speak 🙏🏼— Rare Bears (@BearsRare) March 17, 2022
Project representatives said the project’s Discords were compromised. They advised not to click links, not to connect wallets, and to block all incoming messages until the situation is fixed.
After an audit by a specialist under the handle @pandez_, the project returned to normal operation. Details of the hack will be published soon.
Exciting news Bears — our Discord has been audited by @pandez_ We’re secure and now open! 🐻🎉 We can’t wait to see you all again! We will release the details of the hack today to outline what happened for full transparency. Welcome back BearFam:https://t.co/gCL8PFIGsm
— Rare Bears (@BearsRare) March 17, 2022
The 2,400 bears minted by digital artist Enox on Ethereum состоялся on March 12.
After the breach, the hacker took on the role of the project’s official community moderator. He posted a phishing link, through which users could acquire 1,000 rare NFTs from the collection at 0.1 ETH ($280).
Thats y I minted 2 bears! All because It is shown in your discord announcement, it is not from direct message that i minted. We want Reimburse. pic.twitter.com/dDJ4HACoYK
— steldes (🚀,🚀) (@steldes) March 17, 2022
According to PeckShield specialists, using a malicious smart contract directing to victims’ wallets, the hacker stole 179 NFTs. Among the stolen tokens were not only Rare Bears, but also collectibles from CloneX, Azuki, mfer, 3landers and Sandbox.
PeckShieldAlert #Phishing ~179 #NFTs transferred to @BearsRare exploiters, including ~4 Clone Xs #CloneX, ~4 $Azuki @AzukiZen, ~1 #mfer @sartoshi_nft, ~2 #3landers @3landersNFT, ~6 $LAND @TheSandboxGame #TheSandbox #Metaverse #NFTs https://t.co/rtAVYTWIJr https://t.co/TyMLPfmlz4 pic.twitter.com/x15KK4Lkp7
— PeckShieldAlert (@PeckShieldAlert) March 17, 2022
Of the 286 ETH proceeds, the hacker moved 213 ETH via Tornado Cash, with the remainder withdrawn to three separate wallets.
Back in December, the attackers hacked the Discord account of the administrator of the Monkey Kingdom NFT project. The loss amounted to 7056 SOL (~$1.3m).
Follow ForkLog on YouTube!