HomeCryptocurrencyDiscord NFT scams increase by 55% in June causing $22 million...

Discord NFT scams increase by 55% in June causing $22 million lose

TRM Labs, a digital asset compliance and risk consulting firm, issued an investigation report on Discord fraud and phishing attacks in recent months on July 25, saying that with the popularity of NFT projects, Discord attracts more and more hackers, using stolen Discord accounts in a single month in June. NFT-related minting scam phishing attacks increased by 55%, costing the entire NFT community around $22 million since May.

Chainabuse, a fraud reporting platform operated by TRM Labs, has received more than 100 Discord attack reports since May.

Discord NFT scams increase by 55 in June causing 22 million lose
The attack record of the NFT project Discord from June 2 to 10. (Source: TRM Labs)

Common scams used by Discord hackers

According to TRM Labs analysis, many hackers attacking the NFT project Discord use similar scams:

Sophisticated social engineering attacks such as phishing and impersonating administrators with fraudulent accounts.
Exploiting bot vulnerabilities such as Mee6, allowing administrators to automatically assign and delete roles and send community messages.
In some cases, attackers even updated admin settings to prevent Discord moderators from interfering with hacking operations.
TRM Labs pointed out that hackers are trying to exploit the sense of urgency often associated with NFT minting events to prompt users to act quickly so as not to miss out on freebies or limited whitelists. Below is a phishing image of scammers enticing ​​Discord channel members to click on a link.

Discord NFT scams increase by 55 in June causing 22 million lose-2

For well-known projects, the source of the attack is highly relevant

The TRM Labs report also mentioned that phishing mainly attacks many well-known NFT projects such as BAYC, Bubbleworld, Parallel, Lacoste, Tasties, and Anata. The attackers deliberately promoted “BAYC, MAYC and Otherside exclusive giveaways” to users with valuable NFTs, and provided scam links that prompted users to send mint fees in ETH.

When the victim clicks on the link, the transaction hacks into the wallet and transfers the NFT to the attacker’s wallet. Unbeknownst to the victim, this sets the setApprovalForAll or similar call function for the wallet, allowing the attacker to approve the wallet to transfer the NFT to the specified wallet address. In the end, the stolen NFTs are all transferred to the wallet designated by the attacker.

TRM Labs Investigations utilizes tool to track scammer wallets related to Yuga Labs NFTs. They sold the stolen goods and distributed the proceeds of the stolen goods to three wallet addresses, and then used the money mixing platform Tornado Cash and intermediate wallets to launder the money. Three wallets were exposed in May and June. After the funds were transferred, part of them eventually flowed into one of the exchange’s wallets, which was also found to be related to the Discord leak.

The number of attackers involved is still unknown, security companies: or from within China

TRM Labs reiterated that although the investigation is active, it is difficult to know the number and shape of the prisoners due to the speed of the crime. TRM suspects that the attacks were coordinated by different hackers to execute the scam on a large scale, but have not proven the source of the attacks.

Decrypt reported that the blockchain security company Halbornpd investigated fraud incidents in recent months, and the attack security engineer boldly stated that the attack originated from China:

Our analysis points to this attack coming from a Chinese group, mainly targeting high-value users. We expect logarithmic growth in Advanced Persistent Attack (APT) activity, and we also expect to see the emergence of their own adversaries targeting Web 3.0 companies and retail customers.

Mehmet S. Kaya
Mehmet S. Kayahttps://teknonel.com
Mehmet is one of the administrator of Teknonel. As a software developer, he loves to share his knowledge in related topics. He is highly familiar with the editorial process from the inception of an article idea, through the iterative process, publishing, and performance analysis as well as product reviews.

Follow us on Social Media!

12FansLike
15,848FollowersFollow
13FollowersFollow
676SubscribersSubscribe

Related Articles

Binance’s BNB Chain bridge was hacked: $718 million lose is calculated

The BNB Chain developed by the cryptocurrency exchange Binance was hacked in the early morning of the 7th! The official cross-chain bridge (BSC Token...

Microstrategy is not afraid of bear market and buys 301 Bitcoins

Long-term optimistic about Bitcoin's micro-strategy, he entered the market again to buy 301 BTC, with a total investment of about 6 million US dollars,...

Hackers use Deepfake to impersonate Binance executives’ faces for cryptocurrency scams

A Binance executive pointed out that the hacker group used Deepfake (deep fake technology) to create an AI holographic projection like his face, and...

ETH option contracts will be released before Ethereum upgrade on September 15

Ethereum is about to usher in the much-anticipated Ethereum 2.0 mainnet on September 15th. Many people believe that Ethereum will usher in a surge...

Explore More Articles

Best 300 - 350 Watt Power Supply Units-min

4 Best 300 – 350 Watt Power Supply Units

0
The power supply provides electrical current to all of the computer components. The power supply unit must have sufficient power to supply the various...

HDR: Definition, Advantages and Importance

0
HDR stands for "High Dynamic Range". The goal is to translate as well as possible, on a photo or a video, what the human...
The world's largest electric boat with a capacity of 2,100 people

The world’s largest electric boat with a capacity of 2,100 people

0
Electric vehicles can help reduce carbon emissions, so if ferries that are larger and use more fuel are electrified, can they further reduce carbon...