Hackers Tap Discord’s Broken Server To Rip NFT Projects Off $22 Million

According to a recent analysis by TRM Labs, cyber attacks against NFT collections have steadily risen in 2022.

The spate cost the NFT community over $22 million in May alone.

NFTs are blockchain-based tokens that show ownership over digital or physical assets.

TRM Labs specializes in digital asset compliance and risk management.

In the report, TRM Labs says cyberattacks linked to NFT minting scams deployed through compromised Discord accounts subsequently increased by 55% in June 2022 compared to the previous month.

TRM Labs says it has received over 100 reports of Discord channel hacks in the past two months through its Chainabuse reporting platform.

Yuga Labs, the company behind the NFT status symbol Bored Apes Yacht Club, said on Twitter last week: “Our security team has been tracking a persistent threat group that targets the NFT community.”

“We believe that they may soon be launching a coordinated attack targeting multiple communities via compromised social media accounts. Please be vigilant and stay safe.”

According to TRM Labs, there have been over 150 compromises since May targeting an admin role within a larger NFT project channel.

Once the hackers control the admin account, they send out links to promotional giveaways and “exclusive” NFTs mints pushing people to jump into these malicious websites by creating a false sense of urgency.

TRM Labs says that the rate at which the attacks are happening, and the fact that they occur across multiple blockchains, suggests that they could be separate attacks by rival cyber criminals running scams at the same time using tools provided as a “Scam-as-a-Service,” turn-key, pay-as-you-go services to launch attacks.

In a separate report, blockchain security firm Halborn has also seen an increase in threats targeting crypto, separately pointing to the North Korean Lazarus Group, which the U.S. Treasury Department claims orchestrated the $622 million hack of the Axie Infinity Ronin Network.