At around 4:30 a.m. ET on Friday, Discord’s official channel for OpenSea, the world’s largest market for NFT, joined a growing list of NFT communities that have exposed participants to phishing attacks.

In this case, the bot made a fake message about OpenSea’s partnership with YouTube, enticing users to click on the “YouTube Genesis Mint Pass” link to catch one of 100 free NFTs with “crazy help” before they disappear forever. . as well as several subsequent communications. Blockchain security tracking company PeckShield marks the URL that the attackers link to, “youtubenft[.]art ”as a phishing site that is no longer available.

While the messages and phishing site are gone, one person said he lost NFT in the incident. specify this address in the blockchain as belonging to the attacker, so we can see more information about what happened next. Although this identity is blocked on the OpenSea site, browsing it through or a competitive NFT market, Rarely, shows that 13 NFTs were transferred to it from five sources during the attack. Now they are also reported to OpenSea for “suspicious activity” and based on their prices at the last sale they seem to cost a little over $ 18,000.

Phishing message, as seen in Discord.
Image: Richard Lawler / Discord

Screenshot of the thief's retrieval, as seen in Rarible

Screenshot of the thief’s retrieval, as seen in Rarible.
Image: Richard Lawler /

This type of intermediary attack, in which fraudsters exploit NFT traders who want to take advantage of airdrops, has become commonplace among prominent Web3 organizations. It is common for messages to appear unexpectedly, and the nature of the blockchain may give some users reasons to click first and consider the consequences later.

In addition to the desire to catch rare items, there is the knowledge that waiting can make copying your NFT in a hurry much slower, more expensive or even impossible (if you run out of money during the process). If they have left some items or cryptocurrency in their hot wallet that is connected to the Internet, then coughing up a login data can give them away in seconds.

In a statement to On the edge, OpenSea spokesman Ali Mack confirmed the incident, saying: “Last night an attacker managed to post malicious links on several of our Discord channels. We noticed the malicious links soon after they were published and took immediate steps to correct the situation, including removing the malicious bots and accounts. We also warned our community through our Twitter support channel not to click on links in our Discord. We haven’t seen any new malicious posts since 4:30 a.m. ET. “

“We continue to actively investigate this attack and will keep our community informed of any relevant new information. Our preliminary analysis shows that the attack had a limited effect. We are currently aware of less than 10 affected wallets and stolen items worth less than 10 ETH, ”says Mack.

OpenSea has not made a statement about how the channel was hacked, but as we explained in December, one entry point for this style of attack is the webhooks feature, which organizations often use to control bots in their channels to make posts. If a hacker accesses or compromises someone’s account, then they can use it to send a message and / or URL that appears to come from an official source.

Recent attacks include one that stole $ 800,000 worth of blockchain trifles Discord Rare Bears and Bored Ape announced that his channel was compromised on April 1. On April 25, BAYC Instagram served as a channel for a similar robbery, which seized NFT worth more than $ 1 million just by sending a phishing link.

Previous articleDocuments are buzzing in the aerospace and defense sectors: a 58% drop in mentions of cloud computing in the fourth quarter of 2021.
Next articleWhat is HDMI? Everything you need to know about the connector