Another NFT Discord channel has been hacked once again. Tasties NFT becomes the latest casualty of a discord breach where a hacker sent a message to users announcing a release of the Tasties Membership Pass.
Tasties NFT Discord Channel Breach
On the platform’s discord, a hacker claimed to have a limited number of Tasties NFT NFT passes. They lured users to approve a transaction that would enable stacking features at a free price by clicking on a link.
Some concerned users are questioning if there is a likelihood that these Discord hacks are intentional by the team/admins themselves. Wallet Guard speculates that it might be the team because of the many times it keeps happening. It is alarming how they allowed mods to be sent to everyone.
On May 19th, Hackers exploited a popular Discord bot to deceive users into clicking malicious links inside Discord servers of popular NFT projects. PeckShield, a blockchain cybersecurity firm, alerted users of Discord. The hackers targeted PROOF/Moonbirds, Memeland, RTFKT, and Web3 infrastructure company CyberConnect.
Memeland alerted its users on Twitter to stay vigilant at all times. They advised its users to deauthorize unknown/unused apps in their settings. Users were asked not to click on any link. Memeland confirmed that the hackers control the Discord bot mee6. That bot is used by more than 16 million Discord servers.
CyberConnect also asked its users not to click on any links. They said that they would never ask their users for their private keys. They said their team was working to resolve the situation with the bot’s security on their server.
Other Instances of Discord Hacks
Hackers also hacked the official Discord for the popular NFT marketplace, OpenSea, netting just under $20,000 in ill-gotten NFTs on May 6th last month. They sent a bot message that tricked users into visiting a fake website. This was set up to gain access to crypto wallets.
Serpent, a pseudonymous developer of Sentinel, which is software for detecting Discord hacks aimed at crypto investors, alerted people on Twitter about the breach. The scam message pointed to a website that resembled YouTube. Victims thought they were connecting their wallets to get one of the first NFTs from a new YouTube project.
Some users in OpenSea’s discord said that NFTs were stolen from them. Etherscan tried to follow up on the stolen NFTs but they found that the address had not been marked. The motherboard couldn’t verify the address beyond Discord users’ reports.
Discord uses bots to automatically post announcements across channels and reach users effectively. This makes it a great target for scammers and hackers. They serve the purpose of being official messages from the admins of the Discord server. These bots are a huge liability in terms of security. If you are on Discord, trust nothing and no one.
These incidents are just a few of a long string of hacks and scams targeting Discord. Most crypto projects have also been targeted including blue-chip NFT collections like Bored Ape Yacht Club. It was among a targeted hacking campaign that hit multiple NFT collections. Other victims of the hack were one of the most popular play-to-earn video games, Infinity, NFT project Cool Cats, APIENS, and Burrito Boyz.