Cryptonews News NFT Hacks Via Discord Could Be Connected – Analysts

NFT Hacks Via Discord Could Be Connected – Analysts

Jaroslaw Adamowski
Last updated: | 2 min read
Source: AdobeStock / Pixels Hunter

 

An analysis of recent hacks targeting non-fungible token (NFT) projects carried out through the social media platform Discord shows that many of them are part of a larger string of attacks, according to blockchain intelligence company TRM Labs.

Such attacks have rapidly risen over the past three months, and since May 2022, the NFT community has lost as much as USD 22m. 

Last June, phishing attacks related to NFT minting scams carried out via compromised Discord accounts rose by 55% compared with May 2022, the firm’s researchers said in a recent report. 

TRM Labs stated that one of the NFT project exploits that could be linked to other hacks is Yuga Labs, the company behind the Bored Ape Yacht Club (BAYC) collection.

“Yuga Labs’ Discord servers were hacked on June 4th when BorisVagner.ETH, Social Manager at Yuga Labs, had his verified Discord account compromised. While in control of the verified account, the hacker began to post promotional material to the account’s Discord community,” according to the report.

The company’s researchers said that a review of more than 15 “notable” Discord compromises targeting NFT servers and analysis of on-chain and off-chain data suggest that “dozens of these recent account compromises are likely related.”

 Furthermore, some of the linked compromises include well-known NFT Discord project accounts such as BAYC, Bubbleworld, Parallel, Lacoste, Tasties, Anata, and others, they stated.

Based on its findings, TRM Labs says that its analysis of on-chain and off-chain data indicates that many of the attacks through Discord that target NFT projects show similar patterns of behavior. Hackers use a wide range of tactics to scam Discord users, including:

  • deploying sophisticated social engineering, such as phishing and fraudulent accounts that pretend to be an administrator;
  • taking advantage of bot vulnerabilities, such as the Mee6 bot, which enables administrators to automatically give and remove roles and file messages to the community;
  • in some cases, hackers even updated administrator settings with the aim of preventing Discord moderators from interfering with their criminal operations.

The report found that, 

“Hackers’ messages to users have routinely attempted to tap into the sense of urgency typically associated with NFT minting events, prompting users to act quickly in order to avoid missing out on a free giveaway or limited inventory.”

TRM Labs argues that, as NFT projects make efforts to strengthen the security of their platforms and servers, and law enforcement and other groups intensify work to prevent attackers from carrying out future exploits, individuals should also take steps to protect themselves.

“Being aware of common attack vectors, including platforms like Discord, and common tactics by threat actors, including phishing attacks that utilize [fear of missing out] FOMO-inducing language, will help mitigate the risk of becoming a victim of these scams,” the researchers concluded.

____

Learn more: 
Top 7 NFT Scams to Look Out For
Hackers Stole USD 670M from DeFi Projects in Q2, Up by 50% from Q2 2021

Law Firm is Trying to Organize Class Action Lawsuit Against Yuga Labs
Twitter’s Head of Marketing Denies Claims by Yuga Labs Co-Founder About a Social Media Attack

NFT Hackers Attack: Influencer Zeneca and Platform PREMINT are the Latest Targets
Uniswap Users Fall Victim to a USD 8M NFT Phishing Attack, Binance Pulls False Alarm

Crime Hack NFT Non-fungible tokens Security Social media

Most Popular

Blockchain News
Crypto Lawyer John Deaton Is Outraising Elizabeth Warren In Election Campaign
Bitcoin News
Australian Crypto Mining Companies Collapse into Liquidation Owing 450 Investors
Blockchain News
Robert Kiyosaki Says No to Spot Bitcoin ETF Investments
Blockchain News
Microsoft Invests $1.5 Billion Into AI Firm in the UAE
Blockchain News
Trust Wallet Issues Warning About Zero-Day Exploit Targeting iOS Users
Blockchain News
Binance.US Appoints Former NY Fed Compliance Chief Grant Martin To Board Amidst Crypto Regulation Crackdown

Latest news

Blockchain News
Microsoft Invests $1.5 Billion Into AI Firm in the UAE
Blockchain News
Trust Wallet Issues Warning About Zero-Day Exploit Targeting iOS Users
Blockchain News
Binance.US Appoints Former NY Fed Compliance Chief Grant Martin To Board Amidst Crypto Regulation Crackdown
News
Best Crypto to Buy Now April 16 – Celestia, Pepe, Fantom
Bitcoin News
Bitcoin Price Prediction as BTC Crashes Before Halving – Is The Bull Market Over?
Bitcoin News
Hut 8 Cuts Mining Costs By 30% At New Salt Creek Facility
Blockchain News
U.S. Senators Elizabeth Warren and Charles Grassley Demand CFTC Chair Rostin Benham Explain Ties To Sam Bankman-Fried

Similar News