Discord hacking has emerged as the newest threat to NFT buyers. A Discord server run by recently-launched NFT project Rare Bears’s was hit by a phishing attack, stealing nearly 179 NFTs worth $800,000.
According to blockchain security firm Peckshield, the attacker was able to steal NFTs including “Rare Bears” and other NFTs from various collections including “CloneX,” “Azuki,” a “mfer” from artist sartoshi, and six LAND tokens used for The Sandbox metaverse. Here’s what happened.
On March 17, a hacker gained illegal access to Rare Bears Discord moderator Zhodan’s account. The hacker immediately posted an announcement within the group informing that a new mint of NFT’s was taking place, followed by a phishing link. As soon as users clicked on the link, their NFTs were stolen.
For the uninitiated, NFTs are stored in something called as a crypto wallet. These wallet contain your crypto tokens, and NFTs. Attackers are behind your crypto wallet because once they gain authorization to it, they can lock you out of your wallet forever and empty it.
The attacker then banned other admins of the group, removing their ability to post anything on the Discord server. In a post, the NFT company said the hackers invited a fake “Collab.land” bot to automatically lock all channels server so no one could communicate that the posts in announcements were fake. “Our team are working on a solution as we speak for those affected and will announce as soon as we can,” the company said in a tweet.
This is not the first time hackers have targeted Discord servers to steal crypto assets. Earlier, an NFT project Fractal was hacked, scamming 373 of its members out of a total of 800 in Solana cryptocurrency, worth $150,000.
More recently, pop culture icon Ozzy Osbourne’s NFT collection CryptoBatz went live. “CryptoBatz” is a series of 9,666 digital bats that were opened for sale on January 20. Hours after its launch, Osborne’s supporters took to Twitter and complained about a phishing scam that was draining cryptocurrency from their wallets, after they clicked on a link shared by the project’s official Twitter account.
This link was changed by the NFT project and taking advantage of it, cyber criminals created a fake Discord server on the old URL. When the followers clicked the scam link, they were redirected to a fake Discord panel, and asked to verify their crypto assets, prompting them to connect their cryptocurrency wallets. At least 1,330 people visited the fake NFT project.