OpenSea Discord server hacked, users warned to be vigilant of phishing scams

Published at: May 6, 2022

Nonfungible token (NFT) marketplace OpenSea suffered a server breach on its main Discord channel, with hackers posting fake "Youtube partnership" announcements.

A screenshot shared Friday shows fake collaboration news, accompanied by a link to a phishing site. OpenSea Support's official Twitter account tweeted that the marketplace's Discord server was breached Friday morning and warned users not to click links in the channel.

Do not click links in our Discord. We are continuing to investigate this situation and will share information as we have it. https://t.co/jgtHcXifer

— OpenSea Support (@opensea_support) May 6, 2022

The hacker's initial post, published in the announcements channel, claimed that OpenSea had “partnered with YouTube to bring their community into the NFT Space." It also said that they would c-release a mint pass with OpenSea that would allow holders to mint their project for free.

It appears that the intruder was able to stay on the server for a considerable length of time before OpenSea staff was able to regain control. In an attempt to instill "fear of missing out" in the victims, the hacker reposted follow-ups to the initial fraudulent announcement, rehashing the phony link, and claiming that 70% of the supply had already been minted.

The scammer also attempted to entice OpenSea users by stating that YouTube would provide "insane utilities" to those who claimed the NFTs. They are claiming that this offer is unique and that there would be no further rounds to participate, which is typical of fraudsters.

official message from the founders Doodles discord was penetrated by a hacked bot. Any message put out in any of our channels, ignore for now. We are on it. Our lawyers, friends at discord, and the community are helping us. We will update you as we diagnose the situation.

— doodles (@doodles) February 26, 2022

On-chain data shows 13 wallets that seem to have been compromised as of writing, with the most valuable stolen NFT being a Founders' Pass worth around 3.33 ETH or $8,982.58.

Initial reports suggest that the intruder used webhooks to access server controls. A webhook is a server plugin that allows other software to receive real-time information. Webhooks have been used increasingly as an attack vector by hackers because they provide the ability to send messages from official server accounts.

Related: Ape-themed airdrop phishing scams are on the rise, experts warn

The OpenSea Discord is not the only server to be exploited via webhooks. Several prominent NFT collections' channels, including Bored Ape Yacht Club, Doodles and KaijuKings, were compromised in early April with a similar vulnerability that allowed the hacker to use official server accounts to post phishing links.

Tags
Blockchain
Nft
Ethereum
Hackers
Cybersecurity
Security
Related Posts
Ethereum Classic suffers another 51% attack
The Ethereum Classic (ETC) network was hit by another 51% attack on August 29, causing the reorganization of more than 7,000 blocks just weeks after proposing security upgrades. In a tweet, Ethereum Classic confirmed the attack and promised it is working on potential solutions to the problem. “While ETC is still making progress in evaluating proposed solutions, we are aware of the current risk to the network at these low hash rate levels. To miners, exchanges, and other service providers we suggest keeping confirmation requirements levels well above 7K for now.” The attack comes a few weeks after developers proposed …
Blockchain / Aug. 30, 2020
Crypto hacks are set to hit all-time highs in 2022, analyst explains
Reducing the amount of hacking by improving cybersecurity should be considered a top priority for the crypto industry, said Kim Grauer, director of research of blockchain intelligence firm Chainalysis. As pointed out by the firm, this year could outpace 2021 in terms of crypto stolen through hacks. The vast majority of these exploits have been targeting the field of decentralized finance. “This can't go on in the industry because people are going to lose faith in investing in DeFi platforms”, Grauer said in an interview with Cointelegraph. Unlike centralized exchanges, which have improved their resiliency to crypto hacks, decentralized protocols …
Blockchain / Oct. 19, 2022
North Korean hackers stealing NFTs using nearly 500 phishing domains
Hackers linked to North Korea’s Lazarus Group are reportedly behind a massive phishing campaign targeting non-fungible token (NFT) investors — utilizing nearly 500 phishing domains to dupe victims. Blockchain security firm SlowMist released a report on Dec. 24, revealing the tactics that North Korean Advanced Persistent Threat (APT) groups have used to part NFT investors from their NFTs, including decoy websites disguised as a variety of NFT-related platforms and projects. Examples of these fake websites include a site pretending to be a project associated with the World Cup, as well as sites that impersonate well-known NFT marketplaces such as OpenSea, …
Nft / Dec. 26, 2022
5 sneaky tricks crypto phishing scammers used last year: SlowMist
Blockchain security firm SlowMist has highlighted five common phishing techniques crypto scammers used on victims in 2022, including malicious browser bookmarks, phony sales orders and trojan malware spread on messaging app Discord. It comes after the security firm recorded a total of 303 blockchain security incidents in the year, with 31.6% of these incidents caused by phishing, rug pull or other scams, according to a Jan. 9 SlowMist blockchain security report. Malicious browser bookmarks One of the phishing strategies makes use of bookmark managers, a feature in most modern browsers. SlowMist said scammers have been exploiting these to ultimately gain …
Blockchain / Jan. 10, 2023
Security team creates dashboard to detect potential NFT hacks in OpenSea
A wallet security team released a real-time dashboard that lets community members detect, track and monitor potential nonfungible token (NFT) hacks using offline signatures in the OpenSea marketplace. According to the team behind crypto wallet ZenGo, they created an NFT hack detector using a simple method. This includes tracking realized NFT trades in the NFT marketplace and comparing the trade amount of the NFT collection’s floor price. If the ratio between the two trade values is suspiciously low, it will get flagged as a potential hack. At the time of writing, the dashboard flagged almost $25 million worth of NFTs …
Nft / Feb. 22, 2023