A hacker stole about $790,000 worth of NFTs and crypto from owners of the freshly launched Rare Bears collection on Wednesday, in the latest instalment of a Discord-related NFT controversy. The culprit was able to acquire unauthorised access and appear as an official moderator on the server due to the project’s Discord group’s compromised security, according to the project’s team.
As you might expect, a phisher posing as an official moderator did not go over well, as the unsolicited intruder proceeded to post a phishing link to a website that PeckShield security firm described as hosting a malicious smart contract that gave them control over victims’ wallets when interacted with.
A bogus storey accompanied the link, claiming that 1,000 new and special Rare Bears NFTs had been added to the collection, each with a mint price of 0.1 ETH ($280).
Despite Rare Bears administrators’ best efforts to alert the community of the security breach, the offender was able to flee with over 179 NFTs, including Rare Bears assets as well as CloneX, Azuki, mfer, and 3landers.
The victims’ crypto assets were also frozen, allowing the offender to flee with 286 ETH ($790,000) after quickly reselling the assets. The remaining 72.3 ETH was transmitted across three wallets (which are likely under the hacker’s control), with 213 ETH being routed through mixing service Tornado Cash.
Despite Rare Bears’ relatively successful launch of its 2,400 NFTs just days before the scandal (with its public mint going live on Sunday), as well as its LAND acquisitions in The Sandbox, the situation can most certainly be described as a nightmare start for its community, and it is also a rather explicit reminder to stay vigilant when navigating this sometimes-treacherous space, especially on Discord.