Skip to main content

Discord hackers steal millions of dollars in NFTs

 


Discord is not only a popular place to exchange ideas, hackers are also increasingly drawn to certain servers with one goal: steal valuable NFTs. The damage is now in the millions. New analyzes point to a connection between the phishing attacks.


NFTs stolen for $22 million

The social media platform Discord has seen an increase in hacker attacks over the past three months. This is the result of an evaluation by the blockchain security company TRM Labs . The common method: so-called phishing, in which users are linked to fraudulent websites and personal data is tapped. Hackers seem to be targeting valuable NFTs more and more frequently.


According to TRM Labs, phishing attacks related to NFT thefts increased by 55 percent in June. Over 100 reports of hacks on Discord channels have been reported to the company in the last two months. The NFTs lost around $22 million since May, according to the report.


Target: Bored Ape Yacht Club

The attackers act in a targeted manner, with high-priced NFTs such as those of the Bored Ape Yacht Club (BAYC) being stolen in particular. On June 4th, the Discord server of Yuga Labs, the company behind the NFT Collection, became the target of multiple phishing attacks. Users were promised exclusive giveaways. After following the links and connecting their wallet, the attackers transferred the NFTs to their own wallet.


Same patterns

Not an isolated example, the attacks have method according to TRM Labs. As evaluations of on- and off-chain data show, “many of the Discord attacks on NFT projects show similar behavioral patterns”. Including phishing attacks on accounts of the NFT projects Bubbleworld, Parallel, Lacoste, Tasties, Anata and “a dozen others”. The June 4 incident on the Yuga Labs Discord server is also said to be part of the orchestrated series of attacks.


“We are seeing an increase in attacks on NFT projects and other crypto businesses over the past few months,” Ari Redbord, head of legal at TRM Labs, told BTC-ECHO. Such incidents could continue to increase "as long as cybercriminals are able to steal large amounts of funds or assets that can be sold for money."


Search for clues on the blockchain

The scheme is always the same: Attackers create fraudulent accounts, pretend to be administrators, advertise campaigns such as giveaways, i.e. supposedly free distributions from NFTs, for example, and send out phishing links. In doing so, they urge “users to act quickly so as not to miss out on a free giveaway or limited stock.”


The stolen NFTs were initially sold for ether through marketplaces, according to TRM Labs. Most of the proceeds were sent to three different wallets before the funds were moved to other wallets via Ethereum mixer Tornado Cash and exchanged for Bitcoin via “decentralized services, gambling websites and a dark web market”. One of the three wallets “was also connected to wallets directly related to other Discord breaches that took place in May and June 2022,” according to TRM Labs.


It is not yet clear who or how many people are behind the attacks. However, the professional approach suggests several actors who could be part of a hacker group.


How to protect yourself

 Although there are "clear control mechanisms", methods are still being developed to "complicate social engineering attacks" and improving "tools to protect our users". The company invests “continuously in security improvements”, suspicious users are blocked, servers are shut down. Spam can be reported directly to Discod, and a system is also being tested “that monitors the server for inauthentic behavior of new members and proactively puts the server in a safe mode”.


Ultimately, however, users must be vigilant. “Individuals should be aware of common attack vectors, including platforms like Discord, and common tactics used by threat actors, including phishing attacks that use FOMO-inducing language,” TRM investigator Monika Laird tells BTC-ECHO. "Users can also check the messages on a project's other social media accounts on platforms like Telegram, Twitter or Instagram to see if there are any giveaways being promoted or discussed."


Phishing attacks cannot be reversed. The best precaution: be careful - do not pass on any data, do not be fooled by alleged profit campaigns, do not click on any suspicious links. Fraudulent actions are often obvious at first glance. For example, if they are allegedly advertised by prominent people such as Vitalik Buterin or Charles Hoskinson. Or are only available for a short time. With a few exceptions, nothing is given away on the Internet, and certainly not on Discord servers.

My Top Picks
Honeygain - Passive earner that pays in BTC or PayPal
MandalaExchange -The Best no KYC crypto Exchange! 
BetFury - Play And Earn BFG for daily Bitcoin and ETH dividends!
Pipeflare - Faucet that pays in ZCash and Matic, Games pay in DAI
Womplay - Mobile dApp gaming platform that rewards in EOS and Bitcoin
Cointiply - The #1 Crypto Earning Site
Torum - Join the latest Social Network and earn TRM for Free! 
LiteCoinPay - The #1 FaucetPay earner for Litecoin 
LBRY/Odysee - YouTube Alternative that lets you earn Money by viewing videos!
FaucetPay - The #1 Microwallet Platform
FREEBTC - The #1 FaucetPay earner for Satoshi's
FaucetCrypto - An earning/faucet site that pays out instantly
FireFaucet - An earning site that pays better for some than Cointiply
DogeFaucet - Dogecoin Faucet
xFaucet - BTC, ETH, LTC, Doge, Dash, Tron, DGB, BCH, BNB, ZEC, FEY - Claim every 5 minutes
Konstantinova - BTC, ETH, LTC, Doge, Dash, Tron, DGB, BNB, ZEC, USDT, FEY, 25 Claims Daily

Comments

Post a Comment

Popular posts from this blog

From offchain to offchain: Statechains meets Lightning

  Without a doubt, the most significant off-chain Bitcoin solution is the Lightning network. But in its wake, the statechain has emerged as an intriguing replacement. There is currently a proposal to link the two offchain networks. From an ocean, for example, you can see sunbeams glistening in the water, waves rippling, and possibly a jellyfish drifting toward the light. But you only see a small portion of it. The distance from the sea's surface to its bottom is hundreds of meters. It has dozens of different fish species swimming in it, crabs and starfish crawling on the bottom, shells clinging to rocks, and sea plants climbing up. A completely new world starts where your gaze diverges. You can picture a blockchain like Bitcoin, just like the sea. What you see on the outside is only a small portion of what is actually there; the set of UTXOs (coins) and transaction history that full nodes store are just the beginning of a much larger world. It's the plan, at least. With Bitcoin...
Post a Comment
Read more

Phishing attack on popular crypto sites tries to empty wallets

  Several major crypto sites such as Etherscan, CoinGecko, DeFi Pulse, and others report malicious pop-ups scammers use to try to trick users into connecting their MetaMask wallets. The phishing attack came from a domain displaying the Bored Ape Yacht Club (BAYC) logo. "We are investigating the root cause of this attack to fix the threat as soon as possible," CoinGecko founder Bobby Ong tweeted. The phishing attack appears to have been triggered by a malicious ad script from Coinzilla, a crypto ad network, according to CoinGecko. Etherscan also advises its users not to confirm any transactions that may appear on the website. The attackers attempted to use the hype around the “bored monkeys” non-fungible tokens (NFT) to gain access to the cryptocurrencies of unsuspecting website visitors. Although the websites affected by the scam attempt have reacted in the last few hours and deactivated the advertising pop-up, it is still recommended not to connect your MetaMask wallet to ne...
Post a Comment
Read more

Bored Ape Yacht Club NFTs stolen through phishing on Instagram

  Bored Ape Yacht Club ( BAYC ) developers announced on Monday that hackers have hijacked the official Instagram page of the popular NFT collection and posted links to a fake airdrop. Crypto enthusiasts who connected their MetaMask wallet to the rogue website subsequently had their Ape NFTs stolen. Apparently, the attack was planned to coincide with the one-year anniversary of the BAYC collection. This increased the "perceived credibility" of the phishing link. About 100 NFTs are said to have been stolen in the phishing attack . According to CoinGecko data , the minimum price for a BAYC NFT is 139 Ether ( ETH ) or $400,726. So if reports are correct, over $40 million worth of NFTs were stolen in the attack. These numbers are only the lowest estimate, however, as they are based on the lowest price.  At the time of writing, it was still unclear how the hackers gained access to BAYC's official Instagram account. Social media users have pointed out the importance of two-fact...
Post a Comment
Read more