Root-cause analysis not yet published. The incident description below contains all currently available signal — review the attack transaction directly for definitive forensics.
Reproducible Foundry test fork from SunWeb3Sec/DeFiHackLabs. Clone the repo, run forge test against the file path above, and replay the exploit against a mainnet fork at the historical block. Use for reproduction only — not for live targets.
According to the official news of each project, the Discord of NFT projects whose servers are currently under attack include BAYC, Doodles, Nyoki, Shamanz, Zooverse, Dreadfuls, Freaky Labs, and Kaijukingz. In addition, the source code of the verification robot Captcha has been leaked, and the private message tool Ticket tool has been attacked. Attack method (per SlowMist): Discord was hacked. Reported loss: -.
- chain
- —
- protocol
- Multiple NFT projects
- bug_class
- unknown
- date_occurred
- 2022-04-01
- loss_usd
- —
- source_id
- sm:multiple-nft-projects::2022-04-01