According to Edge, the bot on the channel made a false announcement that the NFT marketplace was collaborating with YouTube and that users should click on “YouTube Genesis Mint Pass” to get one of the 100 free NFTs before they disappeared forever.
As cybercriminals often do in phishing emails, this message instilled a sense of urgency to get users to click on a link to a site that PeckShield, a blockchain security company, has identified as phishing.
At the same time, since the NFT space tends to move pretty fast, users knew from past experience that they would have only a limited time to get one of the free NFTs, and probably did not want to miss out.
Although the malicious messages were removed from the OpenSea Discord channel, and the phishing site was also taken down, one user said he lost an NFT during the incident and pointed to the blockchain address belonging to the cybercriminals responsible.
Viewing the address on Etherscan.io or on the competing NFT marketplace Rarible shows that 13 NFTs were actually transferred to it from five users around the time of the attack, and based on their prices at the time of the last sale, all five NFTs cost just over $18,000.
Although OpenSea has not yet explained how its Discord channel was hacked, one possible explanation is that the cybercriminals abused the webhook functionality that organizations use to control bots that post messages on their channels.
In a statement to Edge, OpenSea spokeswoman Eli Mack provided more details on how the company responded to the incident, saying:
“Last night an attacker was able to post malicious links on several of our Discord channels. We noticed malicious links shortly after posting them and took immediate action to correct the situation, including removing malicious bots and accounts. We also warned our community through our Twitter support channel not to click on the links in our Discord. Our preliminary analysis shows that the attack had limited impact. We currently know of less than 10 damaged wallets and stolen items worth less than 10 ETH.”