Decoding NFT’s Discord Server Hacks | QuillAudits

QuillAudits - Web3 Security 🛡️
Published in QuillHash
Sep 17, 2022

Discord is a social media platform that is commonly used by NFT projects. In recent times, there has been an increase in hacks of these projects' Discord servers, and these attacks have been increasing at a rapid rate since May 2022.

This blog describes how these Discord servers are hacked, walks through a few case studies, and explains how users can remain safe from these hacks.

What is Discord?

Discord is an interactive forum where members can find all the needed information regarding a topic/event and go for detailed interaction. Discord of an NFT project is an interactive forum where artists, developers, and investors converse about various relevant topics.

Rise of NFT Discord Server Hacks:

The recent rise in popularity of these NFTs is due to a lack of information available both offline and online, making them a popular target for scammers and hackers. Both the people who buy NFTs and the people who sell them are at risk of having their NFTs stolen from their wallets. There have been numerous cases of stolen NFTs recently.

Genuine non-fungible token holders have lost millions of dollars to these scams. Phishing attacks linked to NFT minting scams deployed through compromised Discord accounts have increased rapidly in recent months. Users have lost more than $22M due to these scams since May 2022. In September alone, more than 15 NFT projects' Discord servers have been hacked.

How do these Attacks take place?

The attack starts with the attacker compromising the NFT project's Discord server. Attackers commonly use techniques like phishing, social engineering, bots, etc. to compromise Discord servers.

After compromising the server, scammers succeed when they can trick users into connecting their wallets to malicious websites. They usually send out links to promotional giveaways and “exclusive” NFT mints, pushing people onto these malicious websites by creating a false sense of urgency and provoking FOMO (fear of missing out) among users.

Common ways to compromise Discord Servers.

  1. Social Engineering: Attackers often compromise Discord servers using sophisticated social engineering, such as phishing and fraudulent accounts pretending to be an administrator.
  2. Exploiting Discord Bot Vulnerabilities: Attackers can use vulnerabilities in bots to compromise Discord servers. Several vulnerabilities were found in Discord plugins like Dyno, MEE6, CollabLand, etc. which would’ve allowed attackers to become administrators, send messages, and DM users. See here for more details.
  3. Unsecured Accounts: Sometimes projects don’t secure their accounts properly. They don’t use security features such as 2FA and strong passwords, which can lead to compromise. 2FA with Google Authenticator or a similar app protects accounts even after a password breach.

How do these scammers trap users into scams?

The scammers send DMs or post announcements from compromised accounts about giveaways or offers. They create the sense of urgency typically associated with NFT minting events, prompting users to act quickly to avoid missing out on a free giveaway or limited inventory.

Below is an example of how they do it:

Case Studies:

Below are a few case studies of Discord Hacks that took place in recent times:

1. Bored Ape Yacht Club Discord Hack:

The Bored Ape Yacht Club (BAYC) Discord server was hacked on 4th June 2022. Yuga Labs claimed that the attacker made around 200 ETH, i.e. $360,000 worth of NFT tokens.

The attacker first compromised the Discord account of the project's community manager (Boris Vagner), then used that account to post phishing links in the official Bored Ape Yacht Club (BAYC) Discord, as well as in the Discord channels of a related metaverse project called Otherside.

2. Fractal’s Discord Hack:

On 21st December 2021, Fractal was hacked, scamming 373 of its members out of a total of $150,000 in $SOL.

Hackers compromised Fractal’s Discord by gaining access to their webhooks. The webhooks trigger event responses after listening to messages sent. By gaining access to webhooks, hackers could send broadcast messages to community members.

The attacker then posted a fake mint link in their #announcements channel. There were around 100,000 members in the community, and only 0.3% fell into this trap.
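
The weaknesses listed under the common ways to compromise a server (no 2FA requirement, over-privileged bots) and the webhook access used in the Fractal case can all be checked from a server's own configuration. The audit below is an added example, not code from QuillAudits or Discord: the permission bits, `mfa_level` and webhook type follow Discord's API documentation, while `audit_guild`, the sample IDs and the channel set are assumptions made for illustration.

```python
# Permission bits as documented for the Discord API.
RISKY = {
    "ADMINISTRATOR": 1 << 3,
    "MANAGE_GUILD": 1 << 5,
    "MENTION_EVERYONE": 1 << 17,
    "MANAGE_ROLES": 1 << 28,
    "MANAGE_WEBHOOKS": 1 << 29,
}
INCOMING_WEBHOOK = 1  # webhook type that posts with just its URL and token


def audit_guild(guild, webhooks, sensitive_channels):
    """Return findings for one server's exported configuration."""
    findings = []
    # mfa_level 0: moderators can act without 2FA on their own account.
    if guild.get("mfa_level", 0) == 0:
        findings.append("2FA not required for moderation actions")
    for role in guild["roles"]:
        perms = int(role["permissions"])  # bitfield arrives as a string
        held = [name for name, bit in RISKY.items() if perms & bit]
        if role["id"] == guild["id"] and held:  # @everyone shares the guild id
            findings.append("@everyone holds " + ", ".join(held))
        elif role.get("managed") and "ADMINISTRATOR" in held:
            findings.append(f"integration role {role['name']!r} holds ADMINISTRATOR")
    for hook in webhooks:
        # Whoever holds an incoming webhook's URL can post to its channel.
        if hook["type"] == INCOMING_WEBHOOK and hook["channel_id"] in sensitive_channels:
            findings.append(f"webhook {hook['name']!r} can post to {hook['channel_id']}")
    return findings


# Constructed sample data, shaped like Discord's guild and webhook objects.
SAMPLE_GUILD = {
    "id": "100", "mfa_level": 0,
    "roles": [
        {"id": "100", "name": "@everyone", "permissions": str(1 << 17)},
        {"id": "101", "name": "HelperBot", "managed": True, "permissions": "8"},
        {"id": "102", "name": "Member", "permissions": "0"},
    ],
}
SAMPLE_WEBHOOKS = [
    {"id": "900", "type": 1, "name": "mint-feed", "channel_id": "200"},
    {"id": "901", "type": 1, "name": "ci-logs", "channel_id": "201"},
]
ANNOUNCEMENTS = {"200"}  # hypothetical id of the #announcements channel

if __name__ == "__main__":
    for finding in audit_guild(SAMPLE_GUILD, SAMPLE_WEBHOOKS, ANNOUNCEMENTS):
        print("-", finding)
```

Each finding maps to a setting an owner can change: require 2FA for moderation, strip broadcast permissions from `@everyone`, scope bot roles down from ADMINISTRATOR, and delete webhooks that are not needed in announcement channels.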

What to do when your NFT Discord server is hacked?

  1. Communicate to users about the hack. No one knows what’s going on. Everyone is scared and has no direction. You must stay in communication.
  2. Try to change your password after the hack. Hackers usually change it immediately, so do this as soon as possible.
  3. Remove all payment details, such as PayPal and Stripe, from Discord to avoid further financial damage.

If you want to explore more, see here for further details.

How can users protect themselves from these Scams?

NFT and crypto scams usually have one goal, i.e. they want access to your wallet. Users can take the following steps to protect themselves from these scams. For more info see here.

  1. Users should be aware of common attack techniques that scammers use against them like social engineering, phishing attacks, etc.
  2. Don’t click suspicious links or connect your wallet to any website before verifying it. Always double-check any links sent to you via Discord or any other channel. Contact the NFT project’s owners to determine whether any offers you see are genuine.
  3. Discord DMs (direct messages) are the most common way people (and bots!) will try to scam you. Prefer to keep your DMs closed.
  4. Never share your private details with anyone pretending to be a community member of a project. Most legitimate NFT projects, like other businesses, will never require or request your private account information.
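
The link check in step 2 can be automated by a moderator or a wary user. This added example (not part of the original article) treats every host outside an allowlist as untrusted and marks near-copies of the official name; `example-nft.io`, the urgency word list and the 0.8 similarity threshold are assumptions.

```python
import re
from difflib import SequenceMatcher
from urllib.parse import urlsplit

OFFICIAL_DOMAINS = {"example-nft.io"}  # hypothetical project domain (assumption)
URL_RE = re.compile(r"https?://[^\s<>()]+", re.I)
URGENCY = re.compile(
    r"\b(free mint|giveaway|airdrop|hurry|last chance|only \d+ left)\b", re.I)


def is_official(host):
    """True only for an allowlisted domain or one of its subdomains."""
    return any(host == d or host.endswith("." + d) for d in OFFICIAL_DOMAINS)


def resembles_official(host):
    """True if any label of the host is a near-copy of an official name."""
    names = [d.split(".")[0] for d in OFFICIAL_DOMAINS]
    return any(SequenceMatcher(None, label, name).ratio() >= 0.8
               for label in host.split(".") for name in names)


def review_message(text):
    """Return ([(host, verdict)] for non-official links, urgency flag)."""
    flagged = []
    for url in URL_RE.findall(text):
        try:
            host = (urlsplit(url).hostname or "").lower().rstrip(".")
        except ValueError:  # malformed URL: treat as untrusted
            host = ""
        if is_official(host):
            continue
        verdict = "lookalike" if resembles_official(host) else "unlisted"
        flagged.append((host, verdict))
    return flagged, bool(flagged and URGENCY.search(text))


# Constructed messages; none of these hosts come from the article.
SAMPLES = [
    "Mint is live on https://example-nft.io/mint",
    "FREE MINT, only 50 left! https://example-nft.io.mint-claim.test/now",
    "Surprise airdrop at https://examp1e-nft.io/claim",
    "Floor charts: https://charts.test/floor",
]

if __name__ == "__main__":
    for msg in SAMPLES:
        print(review_message(msg), "<-", msg)
```

The allowlist is the actual control; the similarity score and urgency flag only help prioritise which unlisted links to look at first.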

Web3 Security: Need of the Hour

Why QuillAudits For Web3 Security?

QuillAudits is well-equipped with tools and expertise to provide cybersecurity solutions saving the loss of millions in funds.
