Discord and NFT – The new Eldorado for hackers

Brave hacker, nothing is impossible! – And when a social network is in vogue, coupled with strong earning potential, it doesn’t last long hackers don’t come to settle. Discord bears the brunt of this with all the NFT projects it hosts.

Sow discord to reap substantial gains

Tag 14 friends, like, RT, dance on your feet wrapped in a cement blanket and join Discord! »

Who has never seen this kind of message on Twitter inviting people to join a channel on Disagreement for a chance to win one NFTdeveloped by a project seeking to make itself known?

If you saw them pass, so did the hackers. And what are the conditions for a hacker to be interested in something?

  1. That what is presented is used by as many people as possible
  2. That there is a potential and consequent preferential gain.

Projects NFT hosted on Discord meets both of these requirements. In fact, Discord has become the reference platform for all projects, whether they are reliable or not. If you keep up with what’s going on in the NFT world, you must be a member of about twenty lounges. You had to identify yourself, verify your wallet. You may have passed by an external site to obtain a certification to give you a “grade” on the project.

It’s all the small steps which allows you to make an impressioncreate, an NFT that hackers use to siphon your wallet, the project’s, and all those unfortunate enough to click on the wrong link.

Heat, NFT and unprotected rooms, the perfect trio!

In June was phishing attackthe most used, increased by more than 55% compared to May, just on Discord. It is estimated that the hackers recovered more than 22 million dollars in less than 2 months.

List of hacks since June – Source: TRM Labs

Many of these hacks go unnoticed by the user because the person asking you to click on a fraudulent link is none other than the administrator from the Discord room. In fact, many of these scams use bugs that allow you to take control of administrator accounts.
The rest is easy, just post on shows, a link that seems honest, related to the project, and the community takes the bait. some wise disable even full moderator rights. Therefore, they can do nothing but witness the massacre, without being able to intervene or warn the project members.

>> Forget fraud. Prefer peace of mind by buying Bitcoin with Bitstack… and earn 5€ BTC with code JDC5 (commercial link) <

Hackers are betting a lot on the fact that in this kind of NFT project everything is done in urgent. Contests are fleeting, sometimes you only have a few hours or even minutes to validate an action to have a potential chance to win.

So when hackers post a malicious link, users jump on it to be the first to win. And above all, the first to lose.

Don’t imagine that only small projects get hacked. Although it is actually easier to hack a small living room, certainly poorly protected, the great masters of NFT also had. BAYC, LacosteBubbleWorld and many others are at the top of the list along with small projects.

“Our Discord servers were briefly exploited today. The team responded and dealt with quickly. About 200 ETH of NFT appears to have been affected. We are still investigating, but if you have been affected please email us at [email protected] »

Bored Ape Yacht Club (@BoredApeYC)

Once your cryptos, or worse, your NFTs are stolen, they are quickly resold via NFT market platforms like OpenSea, for ETH in general.

The hackers then distribute the winnings to multiple wallets. Then they go through protocols like Tornado cash. These make it possible to hide transactions in order to spread the winnings to other wallets. Neither seen nor known.

The actions, that looks like each time, is definitely the work in the same group. They are fast, efficient and contact informationto exploit vulnerabilities on several projects simultaneously.

Even now, it is a first shield to be aware that these fraudulent maneuvers exist. Awareness will prevent you from clicking through and through, especially when the proposition seems too good to be true.

If a link, contest or any other suggestion made on the show seems suspicious to you, do not click. Isn’t it better to miss out on a real opportunity to win an NFT (which, let’s face it, will be useless to you in 99% of cases) than to see your wallet empty in seconds?

Disagreement

On the side of the creators of the shows there are a series of checks and manipulations to be performed to best ensure their disagreement.

So make sure admins know what they’re doing. Ask questions, don’t hesitate to visit all rooms to ask the moderators. If you feel that it annoys them or that they take safety lightly, run away ! You will have the opportunity to find other projects in the week, day or even minute that follows!

It is difficult to know if a project is serious. And although there are many methods of analysis and often apparent red flags, even the most honest (and well-known) projects are susceptible to being hacked.
Unfortunately, there is no magic method to avoid falling into the trap. The best protection in history is you. Take your time to read, learn, follow social networks and above all don’t click in a hurry just to win a whitelist so you can coins a dead squirrel NFT.

Put your cryptos safely in your wallet. Buying Bitcoin without even realizing it, register on Bitstack… and earn 5€ BTC for free thanks to the code JDC5 (commercial link)!

Leave a Comment