OpenSea, a non-fungible token marketplace, has become the victim of a hack on its main Discord channel. The breach has allowed the threat actors to post fake announcements about partnerships between OpenSea and other projects.
OpenSea’s Discord channel hacked
OpenSea shared a screenshot on May 6 showing the fake news about partnerships. The screenshot also contained a link to a phishing website. The official Twitter account for OpenSea’s support posted that the Discord server for the NFT marketplace had been breached on Friday morning. The company even issued a warning to users, urging them not to follow any of the links posted on the channel.
The first post made by the hacker included an announcement channel claiming that the NFT marketplace had “partnered with YouTube to bring their community into the NFT Space.” The company also said it would publish a mint pass with OpenSea to allow holders to mint their NFT project at no cost.
The hacker remained on the server for a long time before OpenSea could recover the account. However, the hacker had already engaged in several attempts to trigger users into reacting to the announcement by instilling the fear of missing out. The hacker posted follow-up posts, and it claimed that 70% of the supply had been minted.
The hacker also tried to entice the users on OpenSea by saying that YouTube would offer “insane utilities.” These utilities would be given to those who claimed the NFTs. They also claimed that the offer would be unique and that additional rounds would not be required for participation.
On-chain metrics reveal that 13 wallets have been compromised so far, and the most valuable NFT that was stolen was Founders’ Pass, valued at 3.33 Ether, equivalent to around $8900.
Webhooks attributed to server breach
The first reports said that the intruder adopted Webhooks to access the server controls. Webhooks are server plugins that allow other software to receive real-time information. Webhooks are gaining increased use as an attack vector for hackers because they facilitate messaging with the official server accounts.
Webhooks have not only been used to attack the OpenSea discord server but have also been used to attack popular NFT collections. The Bored Ape Yacht Club, KaijuKIngs and Doodles were breached early last month after exploiting a similar vulnerability allowing hackers to use the official server accounts to publish phishing links.
Your capital is at risk.