Attacks in the digital asset space are pretty common these days. There are more and more attacks that are taking place in the digital asset world and people need to be more careful for sure. According to Cryptopia news today, another phishing attack took place in the Rare Bears Discord that managed to grab a large amount of money before anyone got to know anything at all about the attack. A moderator’s account from the project of Rare Bears was apparently compromised in this particular attack. The account then made a post of the phishing link that could have been used for draining different user wallets.
The Rare Bears Project was an NFT project that was launched quite recently. Apparently, the discord system of the project was hit with an attack, after a hacker posted a phishing link in the project’s Discord channel, stealing nearly $800,000 in NFTs.
Analysis from blockchain security firm Peckshield detailed that the attacker was able to steal 179 NFTs, including Rare Bears and other NFTs from various collections, including CloneX, Azuki, a “mfer” from artist satoshi, and 6 LAND tokens used for The Sandbox metaverse.
According to on-chain analysis, most of the NFTs were sold, netting the hacker 286 ETH, worth over $795,500, most of which was promptly put through Tornado Cash, a crypto mixer used to obfuscate the source of funds.
A slate of similar phishing scams has occurred in recent months on Discord, suggesting some teams need to more carefully consider the security of admin accounts. Earlier today, the Rare Bears team posted that they had hired security consultant and auditor “Pandez” for a full security audit of its Discord.
Phishing Attack on Rare Bears Discord Nabs Money
According to an update posted by the Rare Bears team, the hacker gained access to the account of a Rare Bears Discord moderator known as “Zhodan”, posting an announcement within the group’s channel that a new mint of NFTs was taking place. It was a fake of course a phishing link designed to steal funds from a users’ wallet.
The update from the security audit found that the head of the project’s Discord account was compromised. The attacker, using the compromised account, then banned other members, or removed their roles from the server, thereby removing their ability to delete the posted phishing link. The attacker then invited a bot that locked all channels on the server, removing the ability for others to publicly communicate that the posts and links were fake.
Rare Bears said the team was able to regain control of the server, removing the compromised account and transferring ownership to a new one, and that the server is secure from another attack.
Speaking to Cointelegraph, security consultant Pandez said that users should lookout for a few key signs that could mean a message is a scam. “Almost no serious project will ever do a stealth mint,” Pandez said, “never click any links which appear like this.”
Pandez said other red flags are if channels are locked during a “drop” of a new NFT collection, if the link differs from those shared on Twitter or other official sources for the project, and if the link is continuously posted in the channel.
Discord is one of the places where past attacks like that have taken place. Just in the month of December, Solana NFT project Monkey Kingdom announced that hackers made off with $1.3 million of the community’s crypto funds after a security breach. According to Cryptopia news today, the attackers there also posted a phishing link that drained users’ wallets. Just the past November, members of the Discord of popular NFT artist Beeple were also scammed, with attackers gaining access to a moderator’s account to post a phishing link, similarly draining user funds.
Join our Telegram Channel to get the best notification regarding Pricing Prediction, Trading Analysis, News, Blogs, and interviews.