NFT Discord Hacks Demystified

Last year was the year for NFT scams, with nearly monthly reported incidents from January to August 2022.

The billion-dollar industry has been plagued with increasing reports of discord server hacks, fake airdrops, and phishing links that became rampant between last year and now. How devastating are these hacks? This article explains the NFT discord hacks.

According to a cybersecurity company, Comparitech’s report, the total NFT loss since 2020 is over $86 million, with a vast increase in the number of hacks in 2022.

Another report from a recent analysis by TRM Labs states that cyber attacks against NFT collections have steadily risen in 2022, costing the NFT community over $22 million in May alone. NFTs are blockchain-based tokens that show ownership over digital or physical assets.

In the report, TRM Labs — which specializes in digital asset compliance and risk management — says cyberattacks linked to NFT minting scams deployed through compromised Discord accounts subsequently increased by 55% in June 2022 compared to the previous month.

“Since 2022, we’ve seen these compromises happening at scale, specifically on Discord,” TRM Labs investigator Monika Laird told Decrypt in an interview (2).

What’s more alarming is that popular NFT brands like BAYC, OpenSea, Monkey kingdom, Rare Bears, Azuki, Nyoki, Doodles, Fractal, etc., have been victims of such attacks losing substantial amounts to thieves. How did they become victims?

Discord: The go-to platform for NFTs

Like other social platforms, Discord is an instant messaging media with more than 350 million registered users and 150 million monthly active users. The platform, initially designed for gamers, allows all users to create and join private communities known as “servers for interactions.

Due to its large user base, Discord is now the go-to platform for NFT communities, where NFT holders and enthusiasts get the latest news, updates, and NFT announcements from their respective communities.

Also, due to its large user base, with some communities having hundreds of thousands of members, admin bots through third-party sites are employed to coordinate such groups.

How hackers exploit Discord

An essential marketing strategy for NFT founders is that before release, NFTs are overhyped via presales and airdrops to create a hungry market. Once the collection is released, users race to be among the early beneficiaries.

Scammers leverage this tactic to hack discord servers and drain millions of dollars. First, they hijack an admin bot. Infiltrate a project channel through a compromised account. They lock the channel and prevent other admins from commenting on the server. Gaining ground, they send false promotional giveaways and fake exclusive NFTs mints with phishing links to unsuspecting users, who are likely to click the links.

Once users click these links, they’re asked to share their account (wallet) information. Immediately, bad actors pillage users’ NFT assets once they get hold of their private keys resulting in millions of dollars in loss.

As for OpenSea’s attack in May, initial reports suggest that the intruder used webhooks to access server controls. A webhook is a server plugin that allows other software to receive real-time information. Webhooks have been used increasingly as an attack vector by hackers because they provide the ability to send messages from official server accounts.

The OpenSea Discord is not the only server to be exploited via webhooks. Several prominent NFT collections’ channels, including Bored Ape Yacht Club, Doodles, and KaijuKings, were compromised in early April with a similar vulnerability that allowed the hacker to use official server accounts to post phishing links(1).

Conclusion

Speaking to Cointelegraph, security consultant Pandez said that users should look out for a few key signs that could mean a message is a scam.

“Almost no serious project will ever do a stealth mint,” Pandez said. “Never click any links which appear like this(3).”

Since Discord is the go-to for all things NFT, it makes sense that it holds the interest of hackers. More reason NFT users and enthusiasts, discord Management and the Blockchain community need to invest in education and prioritize security to preserve the billion dollars industry.

Check out tools like PocketUniverse, Shield.xyz, and Peckshield to protect yourself!

Works Cited

1. A. KIRIMI, “OpenSea Discord server hacked, users warned to be vigilant of phishing scams”, CoinTelegraph, May 06, 2022. [Online]. Available: https://cointelegraph.com/news/opensea-discord-server-hacked-users-warned-to-be-vigilant-of-phishing-scams

2. J. Nelson, “NFT Projects Lost $22M to Largely the Same Hackers on Discord”, Decrypt, July 27, 2022. [Online]. Available: https://decrypt.co/106024/nft-projects-lost-22m-to-hackers-in-one-month-via-discord-report

3. J. Coghlan, “Rare Bears Discord phishing attack nabs $800K in NFTs”, CoinTelegraph, March 18, 2022. [Online]. Available:

https://cointelegraph.com/news/rare-bears-discord-phishing-attack-nabs-800k-in-nfts