Quickly cancel Discord CAPTCHA authorization! BAYC, Doodles fall victim on April Fool's Day, compromised verification bot cited as main culprit
On April Fools' Day, a mishap occurred in the NFT community involving singer Jay Chou participating in the sale of "Arcade" land with the involvement of the popular NFT project Bored Ape Yacht Club (BAYC), leading to losses. Additionally, the verification bot tool on Discord, a commonly used social platform in the NFT space, was hacked, causing various communities like BAYC and Doodle on Discord to fall victim. Information security expert @SerpentAU stated:
These official CAPTCHA BOTs have been hacked, quickly remove them from your server
Quick Look: How to remove authorized applications
Advertisement - Continue scrolling for more content
Table of Contents
Hacked Verification Bot Tool
@SerpentAU stated that, according to one of the hackers, the official verification bot tool CAPTCHA BOT has been hacked, affecting both BAYC and Doodles, with more servers expected to be compromised.
Official CAPTCHA BOT:
CAPTCHA BOT tool is commonly used across various community servers:
@SerpentAU mentioned that although he cannot confirm 100% if this is the main reason for the Discord hack, removing this Captcha Bot from your server and replacing it with another would be safer. He has confirmed from the developer of Captcha Bot, ImDarkDiamond, that the tool has been hacked and its source code has been stolen.
@SerpentAU also mentioned that another tool, Ticket Tool, has also been hacked, advising users to remove it from their servers. Ticket Tool's official confirmation of the incident is underway, and a secure version is now available.
How to Remove Authorized Applications?
Click on the "gear" icon at the bottom left of the Discord page under your profile picture:
In the user settings, you can select "Authorized Applications" where you can disable risky bot tools:
BAYC, Doodle Communities Affected
BAYC officials advise against minting anything appearing in Discord at the moment as it has been temporarily compromised. There are no April Fools' related minting or airdrops planned, and other Discord communities are also facing similar issues.
BlockSecAlert mentioned that the Doodles community has also been hacked, cautioning people against clicking on any links:
Related
- ApeCoin DAO proposal to spend $350,000 to build a boring ape-themed hotel, offering a free night's stay for APE holders!
- The original Doge, Kabosu, who we chased after together all those years, passed away at 7 o'clock on the morning of 5/24.
- Magic Eden establishes a royalty alliance, with dozens of NFT projects responding by successively withdrawing from OpenSea and Blur.