Nonfungible token (NFT) marketplace OpenSea suffered a server breach on its main channel Discord, with hackers posting fake “Youtube partnership” announcements.
A screenshot divided Friday shows fake news about the collaboration, accompanied by a link to a phishing site. The official OpenSea Support Twitter account tweeted that the marketplace’s Discord server was breached on Friday morning and warned users not to click on the channel.
Don’t click on links in our discord.
We are continuing to investigate this situation and will share information as soon as we have it. https://t.co/jgtHcXifer
— OpenSea Support (@opensea_support) May 6, 2022
The hacker’s first post, published on the announcement channel, claimed that OpenSea “partnered with YouTube to bring their community into the NFT space.” free.
It appears that the intruder was able to remain on the server for a considerable amount of time before OpenSea staff were able to regain control. In an attempt to create “fear of missing out” among victims, the hacker managed to repost follow-up reports to the original fraudulent announcement, rehashing the fake link and claiming that 70% of the offer had already been minted.
The scammer also attempted to lure OpenSea users by claiming that YouTube would provide “crazy utilities” to those claiming the NFTs. They claim that this offer is unique and that there will be no more rounds to participate, which is typical for scammers.
official communication of the founders
Doodle’s discord was penetrated by a hacked bot. For now, ignore any message posted on any of our channels. It’s our turn. Our lawyers, friends on Discord and the community are helping us with this. We will update you as soon as we diagnose the situation.
— doodles (@doodles) February 26, 2022
On-chain data shows that at the time of writing, 13 wallets appear to have been compromised, with the most valuable stolen NFT being a Founders Pass worth around 3.33 ETH or $8,982.58.
initial reports indicate that the intruder used webhooks to access server controls. A webhook is a server plugin that allows other software to receive real-time information. Webhooks are increasingly being used as an attack vector by hackers due to their ability to send messages from official server accounts.
Related: Monkey-themed airdrop phishing scams are on the rise, experts warn
The OpenSea Discord is not the only server being exploited via webhooks. Several prominent NFT collection channels, including Bored Ape Yacht Club, Doodles, and KaijuKings, were compromised with a similar vulnerability in early April that allowed the hacker to use official server accounts to post phishing links.
https://cointelegraph.com/news/opensea-discord-server-hacked-users-warned-to-be-vigilant-of-phishing-scams OpenSea Discord server has been hacked, users have been warned to be vigilant of phishing scams