The gaming company and venture capital Hong Kong-based Animoca Brands and its subsidiary Blowfish Studios have promised their users to return the 265 ETH ($ 1.1 million) stolen in a fraudulent sale of non-fungible tokens (NFTs) on Discord.
The fraudulent mint event occurred on November 19 at around 3 p.m. AEDT on the Phantom Galaxies Discord server. Within about three hours, 1,571 fake embossing transactions were made.
Phantom Galaxies is an upcoming Australian game developed by Blowfish Studios. The Phantom Galaxies Discord Server has 94,000 members.
In an increasingly common fact on Discord, Hackers took control of the official Phantom Galaxies server with a malware bot that compromises the two-factor authentication of the administrator account. Once they were in control of the Discord server, the hackers blocked all employee, consultant and community moderator accounts.
Hackers started posting ads claiming that the game kicked off a surprising and instant NFT minting event.. Users were directed to a fraudulent “Phantom Galaxies NFT Embossing Platform” which charged users an “embossing fee” of 0.1 ETH.
Animoca Brands President Yat Siu warned followers of the fraudulent introduction of NFT in a tweet around 4 a.m. AEDT on November 19th.
At 5:22 am he posted another one tweetthat affected customers are “adequately compensated”. This has since been confirmed in a November 24 statement from Animoca that details of the compensation will be announced shortly.
to????Woodz,to???? a California manager on an NFT project named Terra Obscura lost $ 1,000 for this attack. He told Cointelegraph that he realized he was betrayed shortly after he “coined” two non-existent NFTs:
“When he did that, it struck me as a little strange. The gasoline was unusually low and the contract was different. He knew something was wrong, but he wasn’t sure what. “
Woodz added that you “don’t normally click links”, but that he fell into the hacker’s trap because the ad was placed on the official advertising channel.
The attack on Phantom Galaxies follows a similar attack on November 11th that affected famous NFT artist Beeple. Users thought they were signing up for a very affordable NFT launch that was to coincide with their second Christie’s auction.
The perpetrator posed as one of the administrators of the channel and the Beeple Announcement bot to promote a fake NFT start from Beeple on Nifty Gateway.. Since then, Beeple has removed the Discord links from his profileTwitter and other links to the server seem to have stopped working.
According to a report by cybersecurity firm RiskIQ dated Oct. 21 Discord is becoming increasingly popular among cyber criminals. RiskIQ researchers discovered 27 unique types of malware hosted on Discord’s CDN servers.
In April, Talos Intelligence found that out too Hackers are increasingly turning to platforms like Discord to exploit users at home due to COVID-19 restrictions around the world.
“Attackers use collaboration platforms like Discord and Slack to stay under the radar and evade the organizations’ defenses. “he wrote at the time.