On Tuesday, Solana nonfungible token (NFT) project Monkey Kingdom, which has received notable backing from American DJ Steve Aoki, announced via Twitter that hackers made off with $1.3 million of the community’s crypto funds through a security breach on Discord.
According to its developers, the hack first occurred with the breach of Grape, a popular solution for verifying users on Solana. Hackers then used the exploit to take over an administrative account, which posted a phishing link in the Monkey Kingdom Discord’s announcement channel. Users who followed the link connected their wallets expecting they would receive an NFT but instead were drained of their SOL tokens by the scammer.
Announcement on the discord hack pic.twitter.com/1r7svjlZcB
— Monkey Kingdom (@MonkeyKingdom_) December 21, 2021
Tragically, the hack took place when users were lining up for the project’s second drop. The Monkey Kingdom consists of 2,222 algorithmically generated NFTs centered around Sun Wukong, otherwise known as “The Monkey King” in Chinese folklore. All proceeds from the initial sale of the NFTs were to go to a charity of choice, with the intent of supporting Asian communities worldwide. It was one of the most successful NFT projects to have originated in Asia.
Guys I got drained 650 $SOL.
It is one my biggest mistake.
I am always recommending people using burner but I was nervous and fomo the Monkey Kingdom Mint. Never thought it was not a legit mint link in official discord.
It is important money to my family: my wife, my son. pic.twitter.com/rtWbCu81Ga
— commenstar (@commenstar) December 21, 2021
Related: Beeple’s Discord compromised, timed to coincide with Christie’s auction
One Twitter user, who goes by the name of “commenstar,” claims to have lost 650 SOL, worth roughly $120,400, due to the scam. But all was not lost. The staff at Monkey Kingdom has set aside a compensation fund for victims and is on track to fully reimburse those affected. The timeline and process for distributing the funds has not yet been disclosed.
Phishing attacks are nothing new for the crypto industry. Over the past year, scammers have been repeatedly targeting Discord users and exploiting the platform itself to orchestrate such NFT hacks.
Monkey Kingdom community, we have your back! We have begun processing compensation requests and will be contacting individuals starting today. Thank you for your patience! Once you receive your compensation, please kindly share the news with the community. For the Kingdom!! pic.twitter.com/TVbuSqdKtq
— Monkey Kingdom (@MonkeyKingdom_) December 22, 2021