Search This Blog
Powered by Blogger.

Blog Archive

Labels

Load More
Trendy Right Now

Popular Posts

Home Cyber Attacks OpenSea Warns of Discord Channel Hack
Crypto Cyber Attacks Digital Assets Discord Hackers NFT Open Sea

OpenSea Warns of Discord Channel Hack

The scammer also attempted to entice OpenSea users by stating that YouTube would provide "insane utilities" to those who claimed the NFTs.
Sunday, May 08, 2022

 

The nonfungible token (NFT) marketplace OpenSea had a server breach on its primary Discord channel, with hackers posting phoney "Youtube partnership" announcements. A screenshot shared on Friday reveals a phishing site linked to fraudulent collaboration news. 

The marketplace's Discord server was hacked Friday morning, according to OpenSea Support's official Twitter account, which urged users not to click links in the channel. OpenSea has "partnered with YouTube to bring their community into the NFT Space," according to the hacker's original post on the announcements channel. 

It also stated that they will collaborate with OpenSea to create a mint pass that would allow holders to mint their project for free. The attacker appeared to have been able to stay on the server for a long time before OpenSea staff was able to recover control. The hacker uploaded follow-ups to the initial totally bogus statement, reiterating the phoney link and saying that 70% of the supply had already been coined, in an attempt to generate "fear of missing out" in the victims. 

The scammer also tried to persuade OpenSea users by claiming that anyone who claimed the NFTs would receive "insane utilities" from YouTube. They state that this offer is one-of-a-kind and that there would be no other rounds to engage in, which is typical of scammers. As of this writing, on-chain data indicates that 13 wallets have been infiltrated, with the most valued stolen NFT being a Founders' Pass worth about 3.33 ETH ($8,982.58). 

According to initial reports, the hacker used webhooks to get access to server controls. A webhook is a server plugin that lets other software get real-time data. Hackers are increasingly using webhooks as an attack vector since they allow them to send messages from official server accounts. The OpenSea Discord server isn't the only one that uses webhooks. 

In early April, a similar flaw enabled the hacker to utilise official server identities to post phishing links on several popular NFT collections' channels, including Bored Ape Yacht Club, Doodles, and KaijuKings.
Tags: Crypto Cyber Attacks Digital Assets Discord Hackers NFT Open Sea
Share it:

Crypto

Cyber Attacks

Digital Assets

Discord

Hackers

NFT

Open Sea