Discord Hackers reportedly stole $22 million worth of NFT Projects

Jamal Molla
Written By Jamal Molla
I write about cryptocurrency, with a special interest in NFT and metaverse in particular.

Reports by some Web3 security firms on the increasing number of NFT projects that are targets of hackers may have been the handiwork of a group of hackers who compromised administrator accounts of Discord.

The report concluded that hackers who are targeting Bored Ape Yacht Club (BAYC) and a couple of other projects are members of a “wider network.”

According to the results of a recent TRM Lab analysis, 2022 has seen a steady rise in the number of attacks targeted at NFT projects and collection. The report showed that in May alone, the NFT community lost over $22 million to such organized attacks.

The digital asset compliance and risk management system company reported that attacks on these blockchain-based tokens that prove ownership over physical and digital assets are carried out via compromised Discord accounts. NFT minting-related scams have reportedly increased by a whopping 55% between May and June 2022.

In an interview with Decrypt, Monika Laird, TRM Labs investigator explained that “Since 2022, we’ve seen these compromises happening at scale, specifically on Discord”

TRM Labs explained that within two months, it received over 100 reports of attacks on Discord channel via Chainabuse, its reporting platform. Laird explained further that it’s a weekly attack that targets the ERC-721 token, a token standard for non-fungible tokens (NFTs) on the Ethereum blockchain.

Laird believes that a significant portion of these attacks is perpetrated by the same set of hackers, considering the relationship between the wallets and the common consolidation points such as mixers, exchanges, and the rest. The hackers’ suspected other targets include Parallel, Bubbleworld, Anata, Tasties, Lacoste, and others.

In a related development, Yuga Labs, BAYC`’s parent company tweeted recently that “Our security team has been tracking a persistent threat group that targets the NFT community. We believe that they may soon be launching a coordinated attack targeting multiple communities via compromised social media accounts. Please be vigilant and stay safe.”

While TRM Labs didn’t specify the attacks’ origin, Halborn, a blockchain security farm accused some Chinese hackers of carrying out such attacks.

In an interview with Decrypt, the company’s offensive security engineer, Alpcan O`naran explained that “Our analysis indicates that this attack came from a Chinese group that aims for high-value individuals. We are expecting a logarithmic increase in advanced persistent attack (APT) activity and also expect to see different adversaries targeting Web 3.0 companies and individuals.”

Leave a Comment