Gordon Goner, pseudonymous co-founder of Yuga Labs, issued a warning about a possible incoming attack on their social media accounts under the Yuga Labs umbrella after receiving “credible information” that an insider from Twitter would help bypass the security of the accounts.
Yuga Labs, home to some of the most popular nonfungible tokens (NFTs) including the Bored Ape Yacht Club (BAYC) and Otherside, proactively approached Twitter for security after receiving information about a soon-to-happen orchestrated attack on its social media accounts.
We’ve received credible information that there may soon be an attack on our social media accounts, using an inside source at @Twitter to bypass our security.
There are no surprise mints. Ever.
— GordonGoner.eth (@GordonGoner) June 11, 2022
Soon after warning the community, Twitter officials began actively monitoring the activities on the accounts in addition to fortifying their existing security. While issuing the proactive warning, Goner informed investors that the company would never conduct surprise mints — a popular method attackers use to lure in victims.
The popularity and public demand of Yuga Labs’ NFT offerings resulted in the inadvertent rise of ape-themed scams. On June 5, attackers managed to breach into Yuga Labs’ BAYC and OtherSide Discord groups and made away with over 145 Ether (ETH).
BAYC & OtherSide discords got compromised‼️
Seems because Community Manager @BorisVagner got his account breached, which let the scammers execute their phishing attack. Over 145E in was stolen
Proper permissions could prevent this pic.twitter.com/lCl2DfZQ0W
— OKHotshot (@NFTherder) June 4, 2022
An investigation by blockchain detective OKHotshot revealed that the attack was conducted by hacking into the Discord account of Boris Vagner, community and social manager at Yuga Labs.
Related: Optimism loses 20M tokens after L1 and L2 confusion exploited
Optimism layer-2 scaling solution suffered a loss of 20 million OP tokens after falling victim to an exploit in its…