The criminal world of the 21st century does not sleep. This is evidenced by a recent report by TRM Labs, a Web3 security expert. According to its data, hackers stole two dozen million dollars from NFT platforms in May alone.
According to the document published by the experts, in 2022 the attackers rapidly increased the number of phishing attacks on NFT-platforms’ discord servers. They became a donor for fraudulent schemes against well-known collections. Among those affected are:
- Bored Ape Yacht Club;
- Bubbleworld;
- Tasties;
- Lacoste;
- Anata;
- Parallel; and others.
Hackers stole a total of $22 million in digital assets from the NFT community over 31 days in May. It later became clear that this was just a warm-up, as the intensity of cyber attacks increased by 55% in June compared to the previous month.
https://twitter.com/trmlabs/status/1551605433621782531
TRM Labs and Yuga Labs believe the same group of hackers is behind the network raids on NFT platforms. The compromised accounts of Discord administrators became a kind of “weapon of mass destruction” and were used to attack NFT.
Since May, security experts have recorded 150 raids aimed at taking control of an admin account. As soon as anonymous users gain access to it, they organize a mass mailing of fake events and exclusive offers to NFT owners. As soon as the user clicks on the link, he’s in the clutches of the scammers.
“Discord is not necessarily the one with the weakness. It is a medium that is quite rich in potential targets. If you’re looking for NFT owners, you go where these people hang out. And it makes obvious sense to build communication with them,” says Chris Janczewski, head of global research at TRM Labs.