Collectors of Rare Bears have lost around $790,000 worth of NFTs and other crypto in a phishing attack

Members of the Rare Bears NFT community have lost assets to $790,000 due to a phishing attack. The team said the weakened security of its Discord group allowed a perpetrator to spread a phishing link.

Hacker steals $790,000 of NFTs and crypto from owners of Rare Bears

A recently launched NFT project, Collectors of Rare Bears, lost approximately $790,000 in NFT and other cryptocurrencies in a phishing attack. Rare Bears is an NFT collection of 2,400 cartoon-themed bears on Ethereum. It was created by a New Zealand-based digital artist named Enox and went public last week.

On Wednesday, an unidentified person gained unauthorized access to the project’s Discord server and was the official moderator. This allows them to share a phishing link designed to steal people’s funds.

“Discord has unfortunately been compromised. Please DO NOT click any links, connect your wallet and block all incoming DMs in our discord. Our team [is] working on the situation as we speak,” said Rare Bears in a post on Twitter.

A user who visited “steldes” on Twitter posted a screenshot of what appeared to be a fake message by someone posing as a Discord administrator named Zhodan. The perpetrator shared a message saying there was a new NFT minting, providing a link to a scam website. The announcement informed members about an extra 1,000 rare NFTs being added to the collection for the meager price of 0.1 ETH ($280).

According to security firm PeckShield, the site hosted a malicious smart contract that – when interacted with – allowed them to take control of the victim’s wallet. With this control, hackers stole 179 NFTs and other assets belonging to everyone involved in the minting process. Among the stolen NFTs were Rare Bears and many other high-value items from famous collections: CloneX, Azuki, mfer, 3landers, and Sandbox.

On Wednesday, the hackers moved the assets to their Ethereum addresses, starting at 7:34 p.m. UTC. Soon after, most of the NFTs were sold for 286 ETH, equivalent to $790,000. Of these, 213 ETH was transferred through the Tornado Cash mixing service, and 72.3 ETH was sent through three wallets, likely in the control of the hackers.

Similar phishing attacks against NFT holders have taken place on Discord in the past. In October 2021, someone stole $340,000 in ETH from the Creature Toadz NFT project using a phishing link, only to return it later to their victim. While it remains unclear how Discord was compromised, the creator of Rare Bears said a hacked device could be responsible.

Sign up for a Binance account here (Discount 10% trading fees):

Read more:

Join us on Telegram

Follow us on Twitter

Follow us on Facebook

You might also like