NFT hack via Discord can be connected
An analysis of recent hacks targeting non-fungible token (NFT) projects carried out through the social media platform Disagreement shows that many of them are part of a larger series of attacks, according to the blockchain intelligence firm TRM Labs.
Such attacks have increased rapidly in the past three months, and since May 2022, the NFT community has lost as much as USD 22 million.
Last June, phishing attacks related to NFT minting scams carried out via compromised Discord accounts increased by 55% compared to May 2022, the firm’s researchers said in a recent report.
TRM Labs stated that one of the NFT Project’s exploits that can be linked to other hacks is Yuga Labsthe company behind Bored Ape Yacht Club (BAYC) collection.
“Yuga Labs’ Discord servers were hacked on June 4 when BorisVagner.ETH, social manager at Yuga Labs, had his verified Discord account compromised. While in control of the verified account, the hacker began posting promotional material to the account’s Discord community,” according to the report.
The company’s researchers said a review of more than 15 “notable” Discord compromises targeting NFT servers and analysis of on-chain and off-chain data suggest that “dozens of these recent account compromises are likely related.”
Furthermore, some of the associated compromises include well-known NFT Discord project accounts such as BAYC, Bubble world, Parallel, Lacoste, Tasty, Anataand others, they stated.
Based on the findings, TRM Labs says that the analysis of on-chain and off-chain data indicates that many of the attacks through Discord targeting NFT projects show similar patterns of behavior. Hackers use a wide range of tactics to trick Discord users, including:
- deploy sophisticated social engineering, such as phishing and fraudulent accounts impersonating an administrator;
- take advantage of vulnerabilities in bots, such as the Mee6 bot, which allow administrators to automatically grant and remove roles and archive messages to the community;
- in some cases, hackers even updated admin settings with the aim of preventing Discord moderators from interfering with their criminal operations.
The report found that
“Hackers’ messages to users have routinely sought to exploit the sense of urgency surrounding NFT mining events, urging users to act quickly to avoid missing out on a free giveaway or limited supply.”
TRM Labs argues that as NFT projects strive to strengthen the security of their platforms and servers, and law enforcement and other groups step up efforts to prevent attackers from carrying out future exploits, individuals should also take steps to protect themselves.
“Being aware of common attack vectors, including platforms such as Discord, and common tactics by threat actors, including phishing attacks that use [fear of missing out] FOMO-inducing language will help reduce the risk of falling victim to these scams, the researchers concluded.
____
Learn more:
– Top 7 NFT Scams to Watch for
– Hackers stole USD 670 million from DeFi Projects in Q2, up 50% from Q2 2021
– The law firm is trying to organize a class action against Yuga Labs
– Twitter’s marketing chief rejects claims by Yuga Labs co-founder about an attack on social media
– NFT Hackers Attack: Influencer Zeneca and Platform PREMINT are the latest targets
– Uniswap users fall victim to $8M NFT phishing attack, Binance pulls false alarm