Polygon, Avalanche and ZkSync targeted in Discord attack

Crypto scammers have targeted multiple Discord servers of popular cryptocurrency projects to promote malicious links, with one attack leading to a $150,000 loss.

Discord is a popular social media platform used by several cryptocurrency communities and projects.

It allows project teams to engage with their communities in real time through voice, video, and text.

A series of attacks

On August 24, scammers infiltrated the Discord server of the Ethereum layer-2 scaling solution Polygon. Mudit Gupta, Polygon’s chief information security officer, flagged the incident and urged community members to avoid clicking any links shared on the server.

The severity of the incident is highlighted by the fact that Gupta has confirmed that all accounts with administrative privileges have enabled two-factor authentication (2FA).

One community member pointed out that scam links were being posted on the project’s announcement channel, further adding that the attackers were also controlling the server’s support channel.

At the time of publication, only one user reported losing $150,000 worth of Ether after engaging with one of the malicious links posted by the scammers.

Scammers also took over social media platform X, trying to social engineer the affected user to contact fake Polygon support impersonators or crypto recovery services.

The Polygon team managed to regain control of the server roughly four hours after the attack 

Layer-1 network Avalanche also saw its Discord server breached the following day.

According to the project’s official X account, the breach happened on August 25, and scammers posted fake announcements about a large-scale token distribution of AVAX,  the project’s native cryptocurrency.

The post contained a link redirecting users to a fake website as a part of what most likely seems like a phishing campaign.

Avalanche’s community lead, Ben Well, confirmed an hour later that the project had regained control of the server and that all roles and channels suspected to be involved had been removed.

While it hasn’t been confirmed whether the attacks were orchestrated by a single entity, ZkSync, another layer-2 scaling project on Ethereum, was also allegedly targeted the same day. Upon writing the report, ZkSync was yet to confirm the breach, but the attack was similar to that seen with Avalanche, promoting a fake airdrop.

Rise in phishing scams

The attacks coincide with a surge in phishing scams, as blockchain security firm Scam Sniffer reported in July, noting a spike of 6.44% in the first half of 2024 compared to the previous year.

Most attacks transpired on X, with roughly 80% of comments responding to posts from official crypto projects believed to have been phishing links.

In another notable incident this year, the website of decentralised lending platform Compound Finance was hijacked on July 11 to promote a phishing attack.

Anyone attempting to reach Compound Finance’s website was redirected to a replica controlled by the attackers. Reportedly, no funds were lost in the attack.

The post Polygon, Avalanche and ZkSync targeted in Discord attack appeared first on Invezz