HomeCryptocurrencyDiscord NFT scams increase by 55% in June causing $22 million...

Discord NFT scams increase by 55% in June causing $22 million lose

TRM Labs, a digital asset compliance and risk consulting firm, issued an investigation report on Discord fraud and phishing attacks in recent months on July 25, saying that with the popularity of NFT projects, Discord attracts more and more hackers, using stolen Discord accounts in a single month in June. NFT-related minting scam phishing attacks increased by 55%, costing the entire NFT community around $22 million since May.

Chainabuse, a fraud reporting platform operated by TRM Labs, has received more than 100 Discord attack reports since May.

Discord NFT scams increase by 55 in June causing 22 million lose
The attack record of the NFT project Discord from June 2 to 10. (Source: TRM Labs)

Common scams used by Discord hackers

According to TRM Labs analysis, many hackers attacking the NFT project Discord use similar scams:

Sophisticated social engineering attacks such as phishing and impersonating administrators with fraudulent accounts.
Exploiting bot vulnerabilities such as Mee6, allowing administrators to automatically assign and delete roles and send community messages.
In some cases, attackers even updated admin settings to prevent Discord moderators from interfering with hacking operations.
TRM Labs pointed out that hackers are trying to exploit the sense of urgency often associated with NFT minting events to prompt users to act quickly so as not to miss out on freebies or limited whitelists. Below is a phishing image of scammers enticing ​​Discord channel members to click on a link.

Discord NFT scams increase by 55 in June causing 22 million lose-2

For well-known projects, the source of the attack is highly relevant

The TRM Labs report also mentioned that phishing mainly attacks many well-known NFT projects such as BAYC, Bubbleworld, Parallel, Lacoste, Tasties, and Anata. The attackers deliberately promoted “BAYC, MAYC and Otherside exclusive giveaways” to users with valuable NFTs, and provided scam links that prompted users to send mint fees in ETH.

When the victim clicks on the link, the transaction hacks into the wallet and transfers the NFT to the attacker’s wallet. Unbeknownst to the victim, this sets the setApprovalForAll or similar call function for the wallet, allowing the attacker to approve the wallet to transfer the NFT to the specified wallet address. In the end, the stolen NFTs are all transferred to the wallet designated by the attacker.

TRM Labs Investigations utilizes tool to track scammer wallets related to Yuga Labs NFTs. They sold the stolen goods and distributed the proceeds of the stolen goods to three wallet addresses, and then used the money mixing platform Tornado Cash and intermediate wallets to launder the money. Three wallets were exposed in May and June. After the funds were transferred, part of them eventually flowed into one of the exchange’s wallets, which was also found to be related to the Discord leak.

The number of attackers involved is still unknown, security companies: or from within China

TRM Labs reiterated that although the investigation is active, it is difficult to know the number and shape of the prisoners due to the speed of the crime. TRM suspects that the attacks were coordinated by different hackers to execute the scam on a large scale, but have not proven the source of the attacks.

Decrypt reported that the blockchain security company Halbornpd investigated fraud incidents in recent months, and the attack security engineer boldly stated that the attack originated from China:

Our analysis points to this attack coming from a Chinese group, mainly targeting high-value users. We expect logarithmic growth in Advanced Persistent Attack (APT) activity, and we also expect to see the emergence of their own adversaries targeting Web 3.0 companies and retail customers.

Mehmet S. Kaya
Mehmet S. Kayahttps://teknonel.com
Mehmet is one of the administrator of Teknonel. As a software developer, he loves to share his knowledge in related topics. He is highly familiar with the editorial process from the inception of an article idea, through the iterative process, publishing, and performance analysis as well as product reviews.

LEAVE A REPLY

Please enter your comment!
Please enter your name here

Best Deals Today

Follow us on Social Media!

12FansLike
15,848FollowersFollow
13FollowersFollow
656SubscribersSubscribe

Related Articles

Explore More Articles

Ranch Simulator 2 Release Date and News-min

Ranch Simulator 2: Release Date and News

0
Co-op farming and hunting title known as Ranch Simulator, joy a decrepit plot of land and bare infested mountains you. The game allows up...
Construction Simulator 2022 How to make money fast2-min

Construction Simulator 2022: How to make money fast?

0
Construction Simulator is a new simulation game that has just been released. Lots of players struggle to get started this fairly complex game and...
Construction Simulator 2022 How to get Loan-main

Construction Simulator 2022: How to get Loan?

0
Getting into a construction is no cheap work. There are many expenses to start building something in construction Simulator 2022. But the game makes...
Construction Simulator 2022 How to Use Fast Travel-min

Construction Simulator 2022: How to Use Fast Travel?

0
Construction Simulator 2022 is a game that mostly focuses on building and using construction vehicles instead of making players go around and drive. In...