On June 5, 2022, the Bored Ape Yacht Club (BAYC) Discord community was hit by a phishing attack; the attacker's proceeds were about 142 ETH. Based on monitoring by the Chengdu Lianan (成都链安) security situational awareness platform, the Chengdu Lianan security team has made a first analysis of the incident. The results are as follows.
#1 Related information
Madonna, Stephen Curry, Jay Chou, JJ Lin and other celebrities at home and abroad have acquired NFTs from the Bored Ape series. In January this year the footballer Neymar announced that he had bought two Bored Ape NFTs for more than US$1 million. Phishing attacks against NFT holders have also been rising steadily; Jay Chou's Bored Ape, for example, was phished away on April Fools' Day.
In the web3 world, phishing is carried out mainly through a combination of channels such as Twitter, Discord and forged websites. It is usually accompanied by social engineering techniques such as pretexting (fabricated trust), online chat, baiting, quid pro quo and appeals to sympathy (see the Wikipedia article on social engineering), which no technical control alone can stop.
On June 5, BAYC said on its official Twitter account that its Discord server had been briefly compromised that day and that the team had discovered and resolved the problem quickly, but that NFTs worth about 200 ETH had nevertheless been affected. The team was still investigating and asked affected users to contact it by email.
#2 Attack process of this incident
Attacker address
F3FD3295E4AD02ECE4a3f2D0x1079061D3f7 (as printed in the original; the string has only 34 hex digits rather than the 40 of a complete Ethereum address, so confirm the address against the on-chain record before relying on it)
Step 1: the attacker posts a link to a phishing website in the official community.
Step 2: through the phishing website the attacker obtains 32 NFTs, including 2 BAYC.
Step 3: the attacker sells the phished NFTs and sends 142 ETH through an intermediary address into Tornado Cash.
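The article does not say how the phishing site took the NFTs. The most common mechanism on such sites is to have the victim's wallet sign setApprovalForAll(operator, true) on the collection contract, which hands every token in that collection to the operator in one signature. The following is an added example, not code from the article or from BAYC, showing the check a wallet or a careful user can run on calldata before signing: decode the ERC-721 selector and arguments and refuse blanket approvals to an unknown operator. All addresses are placeholders constructed for the example; the four selectors are the standard ERC-721 ones.

```python
"""Decode an NFT transaction's calldata before signing it.

Added example for this article, not code from the article or from BAYC.
Assumption: the phishing site asks the wallet to sign
setApprovalForAll(operator, true); the article does not state which
mechanism this particular site used. Selectors are the first four bytes
of keccak256 over the canonical ERC-721 function signature.
"""

SELECTORS = {
    "a22cb465": "setApprovalForAll",   # setApprovalForAll(address,bool)
    "095ea7b3": "approve",             # approve(address,uint256)
    "23b872dd": "transferFrom",        # transferFrom(address,address,uint256)
    "42842e0e": "safeTransferFrom",    # safeTransferFrom(address,address,uint256)
}

# Placeholder addresses, constructed for the example.
MY_WALLET = "0x1111111111111111111111111111111111111111"
BAYC_CONTRACT = "0x2222222222222222222222222222222222222222"
MARKETPLACE_OPERATOR = "0x3333333333333333333333333333333333333333"
PHISHING_OPERATOR = "0x4444444444444444444444444444444444444444"
TRUSTED_OPERATORS = {MARKETPLACE_OPERATOR}


def _word(body, i):
    """Return ABI word i (32 bytes, 64 hex chars) of the calldata body as an int."""
    chunk = body[64 * i:64 * (i + 1)]
    if len(chunk) != 64:
        raise ValueError(f"calldata too short for argument {i}")
    return int(chunk, 16)


def _addr(word):
    """Render a 32-byte ABI word as a 20-byte lowercase 0x address."""
    return "0x" + format(word, "064x")[24:]


def decode_calldata(data):
    """Decode the four ERC-721 calls that move or delegate tokens."""
    body = data[2:].lower() if data.startswith("0x") else data.lower()
    selector, body = body[:8], body[8:]
    name = SELECTORS.get(selector)
    if name is None:
        return {"function": None, "selector": selector}
    if name == "setApprovalForAll":
        return {"function": name, "operator": _addr(_word(body, 0)),
                "approved": _word(body, 1) != 0}
    if name == "approve":
        return {"function": name, "to": _addr(_word(body, 0)),
                "token_id": _word(body, 1)}
    return {"function": name, "from": _addr(_word(body, 0)),
            "to": _addr(_word(body, 1)), "token_id": _word(body, 2)}


def assess(tx, my_wallet=MY_WALLET, trusted=TRUSTED_OPERATORS):
    """Return (verdict, reason) for a transaction the wallet is asked to sign."""
    d = decode_calldata(tx["data"])
    fn = d["function"]
    if fn is None:
        return "REVIEW", f"unknown selector 0x{d['selector']} on {tx['to']}"
    if fn == "setApprovalForAll" and d["approved"]:
        if d["operator"] in trusted:
            return "OK", f"approval for known operator {d['operator']}"
        return "DANGER", (f"grants {d['operator']} control of every token "
                          f"you hold in {tx['to']}")
    if fn == "approve" and d["to"] not in trusted:
        return "WARN", f"lets {d['to']} take token {d['token_id']}"
    if fn in ("transferFrom", "safeTransferFrom") and d["from"] == my_wallet:
        return "DANGER", f"sends token {d['token_id']} to {d['to']}"
    return "OK", fn


def encode_set_approval_for_all(operator, approved):
    """ABI-encode setApprovalForAll(operator, approved) to build sample input."""
    return ("0xa22cb465" + operator[2:].lower().rjust(64, "0")
            + format(int(approved), "064x"))


# Constructed sample: what a phishing site's "claim" button actually signs.
PHISHING_TX = {"to": BAYC_CONTRACT,
               "data": encode_set_approval_for_all(PHISHING_OPERATOR, True)}
# Constructed sample: the same call made legitimately when listing on a marketplace.
LISTING_TX = {"to": BAYC_CONTRACT,
              "data": encode_set_approval_for_all(MARKETPLACE_OPERATOR, True)}

if __name__ == "__main__":
    for label, tx in (("phishing", PHISHING_TX), ("listing", LISTING_TX)):
        print(label, *assess(tx))
```

The point of the check is that setApprovalForAll to a legitimate marketplace and to a phishing operator are byte-for-byte the same call apart from the operator address, so the decision has to rest on an allowlist of operators the user actually recognises, not on the site that requested the signature.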
#3 Fund tracing
As of publication, 154 ETH (about US$275,944.9) had been transferred out of the attacker's address, of which 142 ETH (about US$254,442.7) had gone into Tornado Cash.
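The figures above come from following the attacker's outgoing transfers hop by hop until they reach labelled destinations. As an added example, not code from the article or from Chengdu Lianan, the following forward taint trace does that over a constructed transfer log. The log mirrors the numbers in the text (154 ETH out, 142 ETH into mixer pools through one intermediary address, 12 ETH to an exchange) but every address, including the "mixer" and "exchange" labels, is a placeholder; the real attacker address and the real Tornado Cash pool contracts must be taken from the chain and a curated label set.

```python
"""Trace tainted funds forward from an attacker address.

Added example for this article; the transfers and addresses below are
constructed placeholders, not on-chain data. Values are in wei.
"""
from collections import defaultdict

WEI = 10**18

# Placeholder addresses, constructed for the example.
ATTACKER = "0xa000000000000000000000000000000000000001"
HOP = "0xb000000000000000000000000000000000000002"      # intermediary
EXCHANGE = "0xc000000000000000000000000000000000000003"
OTHER = "0xe000000000000000000000000000000000000004"    # unrelated funder of HOP
MIXER_100 = "0xd000000000000000000000000000000000000100"  # stands in for a 100 ETH pool
MIXER_10 = "0xd000000000000000000000000000000000000010"   # stands in for a 10 ETH pool
MIXER_1 = "0xd000000000000000000000000000000000000001"    # stands in for a 1 ETH pool
LABELS = {MIXER_100: "mixer", MIXER_10: "mixer", MIXER_1: "mixer",
          EXCHANGE: "exchange"}

# Constructed transfer log: (block, from, to, value_wei).
TRANSFERS = [
    (0, OTHER, HOP, 3 * WEI),          # HOP's own money, not attacker proceeds
    (1, ATTACKER, HOP, 142 * WEI),
    (2, ATTACKER, EXCHANGE, 12 * WEI),
    (3, HOP, MIXER_100, 100 * WEI),
    (4, HOP, MIXER_10, 10 * WEI),
    (4, HOP, MIXER_10, 10 * WEI),
    (4, HOP, MIXER_10, 10 * WEI),
    (4, HOP, MIXER_10, 10 * WEI),
    (5, HOP, MIXER_1, 1 * WEI),
    (5, HOP, MIXER_1, 1 * WEI),
    (6, HOP, EXCHANGE, 3 * WEI),       # must not be attributed to the attacker
]


def trace(transfers, origin, labels, max_hops=5):
    """Propagate taint forward from `origin` in block order.

    Everything leaving `origin` is tainted. Taint moving along any later
    transfer is capped by the untouched taint the sender still holds, so
    money a hop received from elsewhere is not attributed to the attacker.
    """
    tainted = defaultdict(int)   # address -> tainted balance still held (wei)
    hops = {origin: 0}           # address -> hop distance from origin
    edges = []                   # (hop, from, to, tainted amount) that were followed
    out_of_origin = 0
    for _block, src, dst, value in sorted(transfers, key=lambda t: t[0]):
        if src == origin:
            amount = value
            out_of_origin += value
        elif tainted[src] > 0 and hops[src] < max_hops:
            amount = min(value, tainted[src])
            tainted[src] -= amount
        else:
            continue
        tainted[dst] += amount
        hops[dst] = min(hops.get(dst, max_hops), hops[src] + 1)
        edges.append((hops[src] + 1, src, dst, amount))
    by_label = defaultdict(int)
    for addr, amount in tainted.items():
        if addr != origin and amount > 0:
            by_label[labels.get(addr, "unlabelled")] += amount
    return {"out_of_origin": out_of_origin, "by_label": dict(by_label),
            "edges": edges}


def summarize(result):
    """Render the totals in ETH, one line per destination label."""
    lines = [f"out of origin: {result['out_of_origin'] / WEI:.4f} ETH"]
    for label, amount in sorted(result["by_label"].items()):
        lines.append(f"  -> {label}: {amount / WEI:.4f} ETH")
    return "\n".join(lines)


if __name__ == "__main__":
    r = trace(TRANSFERS, ATTACKER, LABELS)
    print(summarize(r))
    for hop, src, dst, amount in r["edges"]:
        print(f"hop {hop}: {src} -> {dst}: {amount / WEI:.4f} ETH")
```

The cap on forwarded taint is the part worth keeping when this is run on real data: without it, the 3 ETH the intermediary sent to the exchange from its own funds would be counted as attacker money, and on a busy intermediary the over-attribution grows with every hop.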
#4 Summary
Recently, according to the Chengdu Lianan team's analysis, cases of official Discord servers being compromised have become more and more common. The likely causes are:
- a project team member is phished and the account is stolen;
- a project team member downloads malware and the account is stolen;
- the project team has not enabled two-factor authentication and uses weak passwords, so the account is stolen;
- a project team member is phished into adding a malicious bookmark (a bookmarklet containing javascript:). Clicked while Discord is open, it runs inside the discord.com page itself, so the browser's same-origin policy gives the session no protection, and the team's Discord token is read out and exfiltrated.
Anti-fraud tips
1. As a project team, be alert to conventional network attacks and social engineering alike: avoid downloading malware, avoid visiting phishing websites, enable the two-factor authentication the platform recommends, use strong passwords, and follow similar basic security practices.
2. As a web3 user, first accept that official Discord accounts are being hijacked more and more often, so a message from an official account may itself be phishing; "official" does not mean safe. Beyond that, be cautious wherever you are asked to sign an authorization or a transaction, and cross-check the information through several independent channels.
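Cross-checking a link starts with the domain it points to. As an added example, not code from the article or from BAYC, the following scans community messages for URLs and compares each domain against the project's official domains, catching the three tricks a hijacked announcement account usually relies on: the official name used as a subdomain of someone else's domain, a digit or letter swapped for a look-alike, and a non-ASCII homoglyph hidden behind punycode. The messages are constructed; boredapeyachtclub.com is taken as the official domain for the example and, like any project's domain list, should be confirmed from the project's verified channels. The registrable-domain logic is deliberately naive (last two labels) and does not handle multi-part public suffixes such as co.uk.

```python
"""Flag look-alike and nested-domain phishing links in community messages.

Added example for this article; messages, URLs and the official domain
list are constructed for the example, not taken from the incident.
"""
import re
from urllib.parse import urlparse

OFFICIAL_DOMAINS = {"boredapeyachtclub.com"}   # assumed for the example
URL_RE = re.compile(r"https?://[^\s<>()\[\]'\"]+")


def fold(label):
    """Collapse characters attackers swap for look-alikes before comparing."""
    label = label.translate(str.maketrans("0135", "oles"))
    return label.replace("rn", "m").replace("vv", "w")


def levenshtein(a, b):
    """Plain edit distance, enough for short domain labels."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]


def registrable(host):
    """Return (naive eTLD+1, host) with punycode labels decoded to Unicode.

    Assumes a two-label public suffix (example.com), not co.uk-style suffixes.
    """
    host = host.lower().rstrip(".")
    try:
        host = host.encode("ascii").decode("idna")   # xn--... -> Unicode
    except UnicodeError:
        pass                                          # already Unicode or malformed
    labels = host.split(".")
    return ".".join(labels[-2:]), host


def classify(url, official=OFFICIAL_DOMAINS):
    """OK, PHISH (official name nested in another domain), LOOKALIKE or UNKNOWN."""
    reg, host = registrable(urlparse(url).hostname or "")
    if reg in official:
        return "OK"
    for off in official:
        base = off.split(".")[0]
        if base in host:                # boredapeyachtclub.com.claim-now.xyz
            return "PHISH"
    if any(ord(c) > 127 for c in host):  # homoglyph that survived IDNA decoding
        return "LOOKALIKE"
    for off in official:
        if levenshtein(fold(reg), fold(off)) <= 2:
            return "LOOKALIKE"
    return "UNKNOWN"


def scan(messages):
    """Return (author, url, verdict) for every link that is not on an official domain."""
    findings = []
    for author, text in messages:
        for url in URL_RE.findall(text):
            verdict = classify(url)
            if verdict != "OK":
                findings.append((author, url, verdict))
    return findings


# Constructed samples. The homoglyph host uses Cyrillic U+0430 in place of
# Latin "a" and is encoded to punycode exactly as a browser would send it.
HOMOGLYPH_URL = "https://" + "boredapey\u0430chtclub.com".encode("idna").decode("ascii") + "/claim"
MESSAGES = [
    ("mod#0001 (hijacked)", "Surprise mint! Claim at https://boredapeyachtclub.com.claim-now.xyz/mint before it closes"),
    ("community", "Official site is https://boredapeyachtclub.com/ as always (check the pinned post)"),
    ("mod#0001 (hijacked)", "Mirror link in case the first is slow: " + HOMOGLYPH_URL),
    ("user", "is https://b0redapeyachtclub.com/ the same site?"),
]

if __name__ == "__main__":
    for author, url, verdict in scan(MESSAGES):
        print(f"{verdict:9} {author}: {url}")
```

Exact matches against the allowlist are the only case treated as safe; everything else, including links to other well-known domains, is surfaced for a human to confirm through a second channel, which is the cross-checking habit tip 2 asks for.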
As web3 continues to grow in popularity, phishing scams appear in an endless stream. Users should keep the prevention tips above in mind and do their best not to be phished. If you have already been deceived, the following steps can limit the damage:
- Isolate your assets immediately: move whatever remains to a safe wallet as soon as possible to avoid larger losses;
- Make a public statement about the compromised account so that friends and the community are not put at risk;
- Preserve as much evidence as possible and approach the project team or the relevant institutions for follow-up;
- Engage a professional security firm such as Chengdu Lianan to trace the funds.
Finally, we recommend recording the experience of being scammed and sharing it with everyone. Anti-phishing and anti-fraud work needs everyone's attention and participation.