NFT Projects Keep Getting Their Discord Servers Hacked - Here’s Why

Source: AdobeStock / Bits and Splits
 

In an unexpected development, non-fungible token (NFT) fraud watchdog Rug Pull Finder (RPF) has been successfully targeted by a smart contract exploit that allowed two persons to seize more than 450 NFTs, as per the entity. RPF offers its customers assistance which includes services related to social media platform Discord which has been increasingly used by hackers to steal digital assets. 

“We have reached an agreement with the wallets that took advantage of the contract, agreeing to pay them 2.5 ETH to purchase the remaining 366 NFTs. While they may have found an advantage, this is not a hack or scammers, etc. They found a bug, and they used it for profit,” the platform tweeted.

For some users, the latest development puts in question the value and quality of the services RPF offers.

“They are probably more prone to hacks (discord) to be fair, but the contract mistake they've made is probably one they've seen and documented multiple times. Not sure I'd pay for a contract audit from them, there are tons of excellent auditors out there,” commented user gabey.eth.

“I think its concerning when security minded projects like RugPullFinder get their discord breached and their code exploited yet they're offering those exact services to customers,” tweeted user OKHotshot.

Analysis of recent hacks targeting NFT projects carried out through Discord indicates that many of them are part of a larger series of attacks, according to a report by blockchain intelligence company TRM Labs. Such attacks have rapidly increased over the past months, and between May and late July 2022, the global NFT community lost as much as USD 22m.

“In June 2022, phishing attacks linked to NFT minting scams deployed through compromised Discord accounts increased by 55% in comparison to the previous month,” according to the report.