The official Discord channel of the NFT marketplace OpenSea was recently infiltrated by cybercriminals who used it to spread phishing links.
According to On the edge, a bot in the channel made a false announcement that the NFT market was partnering with YouTube and that users had to click on the “YouTube Genesis Mint Pass” link to get one of 100 free NFTs before they disappeared forever.
Just as cybercriminals often do in phishing emails, this message instilled a sense of urgency to make users click on a link to a site that the blockchain security company PeckShield has already flagged as a phishing site.
At the same time, as the NFT space tends to move quite fast, users knew from past experience that they would have only limited time to request one of the free NFTs and probably did not want to miss out.
Although the malicious messages were removed from the OpenSea Discord channel and the phishing site was also taken down, one user said they lost an NFT in the incident and cited an address on the blockchain that belongs to the responsible cybercriminals.
A review of the address on Etherscan.io or on the competing NFT market Rarible shows that 13 NFTs were actually transferred to it by five users during the attack, and based on their last-sale prices, all five NFTs appear to be worth just over $18k.
Although OpenSea has not yet explained how its Discord channel was hacked, one possible explanation is that the cybercriminals abused webhook functionality, which organizations use to control bots that post in their channels.
In a statement to On the edge, OpenSea spokesman Ali Mack provided further details on how the company reacted to the incident, saying:
“Last night, an attacker managed to post malicious links on several of our Discord channels. We noticed the malicious links soon after they were published and took immediate steps to correct the situation, including removing the malicious bots and accounts. We also warned our community through our Twitter support channel not to click on links in our Discord. Our preliminary analysis shows that the attack had a limited impact. We are currently aware of less than 10 affected portfolios and stolen items worth less than 10 ETH.”
Whether you’re in Discord or Telegram, you should avoid clicking suspicious links, especially in messages that try to instill a sense of urgency to prevent you from becoming a victim of phishing attacks.
Via On the edge