NFT Artist Beeple Warns Discord Members of Wallet Drainer Exploit

In short

  • Beeple, a popular NFT artist, tweeted on Monday that links pointing to his Discord server have been compromised.
  • He claimed the links pointed to a malicious copy server, which can steal users’ assets if they connect to a wallet for verification.

High-profile NFT artist Mike “Beeple” Winkelmann said today that links pointing to his Discord server have been hacked and changed, instead redirecting fans and followers to a fake copy server that can swipe NFTs and tokens from users that interacts with it.

“It appears that our Discord URLs were hacked to point to a fraudulent Discord,” he tweeted. “DO NOT go into that Discord and don’t verify, it will empty your wallet!!”

Beeple is a well-known digital artist if sales in March 2021 of Ethereum NFT “Everydays: The First 5,000 Days” set the record for top single NFT sale ever at $69.3 million. His other work includes last year’s “HUMAN ONE,” a hybrid digital/physical piece, which sold for $28.9 million at auction.

Beeple’s server is designed for collectors of his NFT work, and based on his tweeted comment, it appears to require verification of ownership by connecting to an Ethereum wallet holds one of the qualified NFTs. Should a user connect that wallet to this malicious copy server, the perpetrators could potentially steal any NFTs or tokens in the wallet.

Such scams have increased in number in recent months as attackers use hijacked accounts to spread malicious “wallet draining” links. Many notable projects and artists have faced such hacks on Twitter – including Beep yourself in May— but these scams have also been perpetrated on Discord and Instagram as well.

When a user connects smart contract– that is, the data code behind NFT projects and decentralized apps – and allowing broad access permissions to what they believe is a trusted application, they may inadvertently allow attackers to steal assets from their wallets.

Beeple did not note any specific examples of users claiming to have been affected by the malicious Discord links. Decrypt contacted Beeple representatives but did not immediately hear back. In an email message, a Discord spokesperson said Decrypt: “Discord takes the safety of all users and communities very seriously. We are always working to combat abusive behavior on our service, and continue to invest in education and tools to protect our users.”

While many Web3 projects and creators use Discord as a way to build community and interact with supporters, the game-centric chat service has also become a punching bag from outspoken creators and collectors who have been affected by such scams.

“Once again, a big thank you to Discord for being trash,” Beeple included in his tweet today. In June, Bored Ape Yacht Club co-creator Gordon Goner (aka Wylie Aronow) shared his own take after the project’s Discord was compromised, tweeting“Discord doesn’t work for Web3 communities. We need a better platform that puts security first.”

Last year, Discord founder CEO Jason Citron teased work on native integration of crypto wallets, however faced backlash– especially from vocal players – about the plan.

Days later, Citron tweeted that Discord had “no current plans to ship this internal concept.” Currently, Discord servers rely on third-party automated wallet verification services (bots) instead of Discord-provided tools.

Editor’s note: This article was updated after publication to include comments from a Discord representative.

Stay up to date on crypto news, get daily updates in your inbox.

NFT Artist Beeple Warns Discord Members of Wallet Drainer Exploit

In short

  • Beeple, a popular NFT artist, tweeted on Monday that links pointing to his Discord server have been compromised.
  • He claimed the links pointed to a malicious copy server, which can steal users’ assets if they connect to a wallet for verification.

High-profile NFT artist Mike “Beeple” Winkelmann said today that links pointing to his Discord server have been hacked and changed, instead redirecting fans and followers to a fake copy server that can swipe NFTs and tokens from users that interacts with it.

“It appears that our Discord URLs were hacked to point to a fraudulent Discord,” he tweeted. “DO NOT go into that Discord and don’t verify, it will empty your wallet!!”

Beeple is a well-known digital artist if sales in March 2021 of Ethereum NFT “Everydays: The First 5,000 Days” set the record for top single NFT sale ever at $69.3 million. His other work includes last year’s “HUMAN ONE,” a hybrid digital/physical piece, which sold for $28.9 million at auction.

Beeple’s server is designed for collectors of his NFT work, and based on his tweeted comment, it appears to require verification of ownership by connecting to an Ethereum wallet holds one of the qualified NFTs. Should a user connect that wallet to this malicious copy server, the perpetrators could potentially steal any NFTs or tokens in the wallet.

Such scams have increased in number in recent months as attackers use hijacked accounts to spread malicious “wallet draining” links. Many notable projects and artists have faced such hacks on Twitter – including Beep yourself in May— but these scams have also been perpetrated on Discord and Instagram as well.

When a user connects smart contract– that is, the data code behind NFT projects and decentralized apps – and allowing broad access permissions to what they believe is a trusted application, they may inadvertently allow attackers to steal assets from their wallets.

Beeple did not note any specific examples of users claiming to have been affected by the malicious Discord links. Decrypt contacted Beeple representatives but did not immediately hear back. In an email message, a Discord spokesperson said Decrypt: “Discord takes the safety of all users and communities very seriously. We are always working to combat abusive behavior on our service, and continue to invest in education and tools to protect our users.”

While many Web3 projects and creators use Discord as a way to build community and interact with supporters, the game-centric chat service has also become a punching bag from outspoken creators and collectors who have been affected by such scams.

“Once again, a big thank you to Discord for being trash,” Beeple included in his tweet today. In June, Bored Ape Yacht Club co-creator Gordon Goner (aka Wylie Aronow) shared his own take after the project’s Discord was compromised, tweeting“Discord doesn’t work for Web3 communities. We need a better platform that puts security first.”

Last year, Discord founder CEO Jason Citron teased work on native integration of crypto wallets, however faced backlash– especially from vocal players – about the plan.

Days later, Citron tweeted that Discord had “no current plans to ship this internal concept.” Currently, Discord servers rely on third-party automated wallet verification services (bots) instead of Discord-provided tools.

Editor’s note: This article was updated after publication to include comments from a Discord representative.

Stay up to date on crypto news, get daily updates in your inbox.

You may also like...

Leave a Reply

Your email address will not be published. Required fields are marked *