According to a recent analysis by TRM Labs, cyberattacks on NFT collections steadily increased in 2022, causing more than $ 22 million in damage to the NFT community in May alone. NFTs are blockchain-based tokens that show ownership of digital or physical assets.
In a report, TRM Labs, which specializes in digital asset compliance and risk management, reported that cyberattacks related to NFT mining scams deployed through compromised Discord accounts were 55 in June 2022 compared to the previous month. It states that it has increased by%.
The NFT community has suffered more than 150 compromises targeting NFT projects' Discord servers since May 2022. A sampling… (1/2) pic.twitter.com/cEdPaV5mQI
— TRM Labs (@trmlabs) July 25, 2022
TRM Labs states that it has received over 100 reports of Discord channel hacking through the Chainabuse reporting platform in the last two months. According to Laird, attacks occur weekly and often target ERC-721 tokens. This is the Ethereum blockchain token standard for irreplaceable tokens.
On the on-chain side, she said, the relationship between common integration points (exchanges, mixers) and wallets suggests that the same actor is carrying out most of these attacks.
Our security team has been tracking a persistent threat group that targets the NFT community. We believe that they may soon be launching a coordinated attack targeting multiple communities via compromised social media accounts. Please be vigilant and stay safe.
— Yuga Labs (@yugalabs) July 18, 2022
According to TRM Labs, data on the chain suggests that many of Discord’s breaches are related to the same hacker who targeted the Bored Ape Yacht Club in June. Other target projects, according to the company, include Bubbleworld, Parallel, Lacoste, Tasties and Anata, and more.
Our Discord servers were briefly exploited today. The team caught and addressed it quickly. About 200 ETH worth of NFTs appear to have been impacted. We are still investigating, but if you were impacted, email us at firstname.lastname@example.org.
— Bored Ape Yacht Club (@BoredApeYC) June 4, 2022
As Laird explained, since May there have been over 150 breaches targeting administrator roles within the larger NFT project channel. When a hacker controls an admin account, it sends a free gift or a link to an “exclusive” NFT mint, creating a false sense of urgency and prompting you to jump to these malicious websites.
“Discord itself isn’t necessarily weak, but it’s just a very targeted environment,” said Chris Janczewski, Global Research Director at TRM Labs. “If you’re looking for someone who owns an NFT, there’s a point where you can go to where they’re all hanging out and [contact] them.”
Although cyberattacks on Discord have been successful, Laird has pointed out that hackers have also compromised Twitter and Instagram accounts in recent months.
According to TRM Labs, the speed at which attacks occur and the fact that they occur on multiple blockchains are rivals performing simultaneous fraud using tools designed as “fraud as a service”. Suggests that it may be an individual attack by a cybercriminal. , Turnkey pay-as-you-go service for launching attacks.
>> See also: FTX review 2022: FTX sign up for beginners.