- A bot posted a link promoting an OpenSea mint pass in collaboration with YouTube.
- PeckShield identified the link as a phishing site.
- One user has lost NFTs in the phishing attack.
OpenSea’s Discord server was compromised by a spambot today to promote an NFT scam.
NOW – OpenSea Discord is hacked, beware of minting and opening links 🚨— NFTgators 🐊 (@NFTgators) May 6, 2022
According to a screenshot, the bot hijacked the announcement channel to make a fake announcement about OpenSea partnering with YouTube and offering a free mint pass with “insane utilities”. The announcement directed users to “youtubenft[.]art”, which is now unavailable. Blockchain security firm PeckShield identified the link as a phishing site.
Following the hack, OpenSea warned users not to click on any links. While the attacker’s messages and phishing site have been removed from the Discord server and the announcement channel has now been hidden from users, at least one person fell victim to the scam. According to The Verge, the victim identified this wallet address as belonging to the attacker.
While the wallet has been blocked on OpenSea, Etherscan shows that 13 NFTs were transferred from five sources to the wallet around the time of the attack. These NFTs have now been reported on OpenSea for “suspicious activity” and are worth over $18,000 based on the prices of their last sales.
Speaking to The Verge, OpenSea spokesperson Allie Mack confirmed the incident, saying: “Last night, an attacker was able to post malicious links in several of our Discord channels. We noticed the malicious links soon after they were posted and took immediate steps to remedy the situation, including removing the malicious bots and accounts. We also alerted our community via our Twitter support channel to not click any links in our Discord. We have not seen any new malicious posts since 4:30am ET.”
“We continue to actively investigate this attack, and will keep our community apprised of any relevant new information. Our preliminary analysis indicates that the attack had limited impact. We are currently aware of fewer than 10 impacted wallets and stolen items amounting to less than 10 ETH,” she added.
This phishing attack was similar to the one launched on Bored Ape Yacht Club’s (BAYC) Discord server on Apr 1, when a hacker posted a phishing link disguised as a “stealth NFT mint” in the MAKC channel. In the same month, BAYC warned users against any minting activity amidst fears that its Instagram was hacked.
The Instagram hack resulted in $2.8 million worth of NFTs stolen. DeFiance Capital founder Arthur Cheong recently warned that North Korean hackers are targeting the entire crypto space, though they employ spear-phishing attack methods that are different from the ones launched in Discord servers.