NFT Hacks Via Discord Could Be Connected – Analysts

Crime Hack NFT Non-fungible tokens Security Social media
Ad Disclosure
Ad Disclosure

We believe in full transparency with our readers. Some of our content includes affiliate links, and we may earn a commission through these partnerships. However, this potential compensation never influences our analysis, opinions, or reviews. Our editorial content is created independently of our marketing partnerships, and our ratings are based solely on our established evaluation criteria. Read More
Last updated:
Ad Disclosure
Ad Disclosure

We believe in full transparency with our readers. Some of our content includes affiliate links, and we may earn a commission through these partnerships. However, this potential compensation never influences our analysis, opinions, or reviews. Our editorial content is created independently of our marketing partnerships, and our ratings are based solely on our established evaluation criteria. Read More
Author
Jaroslaw Adamowski
Author Categories
About Author

Last updated:
Why Trust Cryptonews
Cryptonews has covered the cryptocurrency industry topics since 2017, aiming to provide informative insights to our readers. Our journalists and analysts have extensive experience in market analysis and blockchain technologies. We strive to maintain high editorial standards, focusing on factual accuracy and balanced reporting across all areas - from cryptocurrencies and blockchain projects to industry events, products, and technological developments. Our ongoing presence in the industry reflects our commitment to delivering relevant information in the evolving world of digital assets. Read more about Cryptonews
Ad DisclosureWe believe in full transparency with our readers. Some of our content includes affiliate links, and we may earn a commission through these partnerships. Read more
Source: AdobeStock / Pixels Hunter

 

An analysis of recent hacks targeting non-fungible token (NFT) projects carried out through the social media platform Discord shows that many of them are part of a larger string of attacks, according to blockchain intelligence company TRM Labs.

Such attacks have rapidly risen over the past three months, and since May 2022, the NFT community has lost as much as USD 22m. 

Last June, phishing attacks related to NFT minting scams carried out via compromised Discord accounts rose by 55% compared with May 2022, the firm’s researchers said in a recent report. 

TRM Labs stated that one of the NFT project exploits that could be linked to other hacks is Yuga Labs, the company behind the Bored Ape Yacht Club (BAYC) collection.

“Yuga Labs’ Discord servers were hacked on June 4th when BorisVagner.ETH, Social Manager at Yuga Labs, had his verified Discord account compromised. While in control of the verified account, the hacker began to post promotional material to the account’s Discord community,” according to the report.

The company’s researchers said that a review of more than 15 “notable” Discord compromises targeting NFT servers and analysis of on-chain and off-chain data suggest that “dozens of these recent account compromises are likely related.”

 Furthermore, some of the linked compromises include well-known NFT Discord project accounts such as BAYC, Bubbleworld, Parallel, Lacoste, Tasties, Anata, and others, they stated.

Based on its findings, TRM Labs says that its analysis of on-chain and off-chain data indicates that many of the attacks through Discord that target NFT projects show similar patterns of behavior. Hackers use a wide range of tactics to scam Discord users, including:

  • deploying sophisticated social engineering, such as phishing and fraudulent accounts that pretend to be an administrator;
  • taking advantage of bot vulnerabilities, such as the Mee6 bot, which enables administrators to automatically give and remove roles and file messages to the community;
  • in some cases, hackers even updated administrator settings with the aim of preventing Discord moderators from interfering with their criminal operations.

The report found that, 

“Hackers’ messages to users have routinely attempted to tap into the sense of urgency typically associated with NFT minting events, prompting users to act quickly in order to avoid missing out on a free giveaway or limited inventory.”

TRM Labs argues that, as NFT projects make efforts to strengthen the security of their platforms and servers, and law enforcement and other groups intensify work to prevent attackers from carrying out future exploits, individuals should also take steps to protect themselves.

“Being aware of common attack vectors, including platforms like Discord, and common tactics by threat actors, including phishing attacks that utilize [fear of missing out] FOMO-inducing language, will help mitigate the risk of becoming a victim of these scams,” the researchers concluded.

____

Learn more: 
Top 7 NFT Scams to Look Out For
Hackers Stole USD 670M from DeFi Projects in Q2, Up by 50% from Q2 2021

Law Firm is Trying to Organize Class Action Lawsuit Against Yuga Labs
Twitter’s Head of Marketing Denies Claims by Yuga Labs Co-Founder About a Social Media Attack

NFT Hackers Attack: Influencer Zeneca and Platform PREMINT are the Latest Targets
Uniswap Users Fall Victim to a USD 8M NFT Phishing Attack, Binance Pulls False Alarm

More Articles

Press Releases
Tether’s Plan B Forum El Salvador Gathers Full House Around Bitcoin Discussions
2025-02-07 08:29:04
Price Analysis
Bitcoin Price Nears $97,000—Will the NFP Report Send It Pumping or Dumping?
Arslan Butt
Arslan Butt
2025-02-07 08:02:59
Crypto News in numbers
editors
Authors List + 66 More
2M+
Active Monthly Users Around the World
250+
Guides and Reviews Articles
8
Years on the Market
70
International Team Authors