Polygon, Avalanche and ZkSync targeted in Discord attack

3 weeks ago 8

Crypto scammers have targeted multiple Discord servers of popular cryptocurrency projects to promote malicious links, with one attack leading to a $150,000 loss.

Discord is a popular social media platform used by several cryptocurrency communities and projects.

It allows project teams to engage with their communities in real time through voice, video, and text.

A series of attacks

On August 24, scammers infiltrated the Discord server of the Ethereum layer-2 scaling solution Polygon. Mudit Gupta, Polygon’s chief information security officer, flagged the incident and urged community members to avoid clicking any links shared on the server.

PSA: Do not click on any links in the @0xPolygon community discord until further notice.

It has been compromised and we're trying to get back ownership.

— Mudit Gupta (@Mudit__Gupta) August 24, 2024

The severity of the incident is highlighted by the fact that Gupta has confirmed that all accounts with administrative privileges have enabled two-factor authentication (2FA).

One community member pointed out that scam links were being posted on the project’s announcement channel, further adding that the attackers were also controlling the server’s support channel.

At the time of publication, only one user reported losing $150,000 worth of Ether after engaging with one of the malicious links posted by the scammers.

Scammers also took over social media platform X, trying to social engineer the affected user to contact fake Polygon support impersonators or crypto recovery services.

Complain the problem to them through ( metamask.guideapp@gmail.com) to resolve the issues. They respond faster

— Sherry (@Battycatterz77) August 24, 2024

The Polygon team managed to regain control of the server roughly four hours after the attack

Layer-1 network Avalanche also saw its Discord server breached the following day.

According to the project’s official X account, the breach happened on August 25, and scammers posted fake announcements about a large-scale token distribution of AVAX, the project’s native cryptocurrency.

Avax discord looking sus…disabled chat in all channels and an announcement about “claiming Avax from the foundation”

My advice?

…don’t click anything in that discord for a while… pic.twitter.com/x9MLy4vPeX

— Stog Chog🔺 (@stogchog) August 25, 2024

The post contained a link redirecting users to a fake website as a part of what most likely seems like a phishing campaign.

Avalanche’s community lead, Ben Well, confirmed an hour later that the project had regained control of the server and that all roles and channels suspected to be involved had been removed.

While it hasn’t been confirmed whether the attacks were orchestrated by a single entity, ZkSync, another layer-2 scaling project on Ethereum, was also allegedly targeted the same day. Upon writing the report, ZkSync was yet to confirm the breach, but the attack was similar to that seen with Avalanche, promoting a fake airdrop.

ZKsync discord hacked pic.twitter.com/tRtHG8i5qk

— HammerToesKnows (@hammertoesknows) August 25, 2024

Rise in phishing scams

The attacks coincide with a surge in phishing scams, as blockchain security firm Scam Sniffer reported in July, noting a spike of 6.44% in the first half of 2024 compared to the previous year.

Most attacks transpired on X, with roughly 80% of comments responding to posts from official crypto projects believed to have been phishing links.

In another notable incident this year, the website of decentralised lending platform Compound Finance was hijacked on July 11 to promote a phishing attack.

Anyone attempting to reach Compound Finance’s website was redirected to a replica controlled by the attackers. Reportedly, no funds were lost in the attack.

The post Polygon, Avalanche and ZkSync targeted in Discord attack appeared first on Invezz

Read Entire Article