Once again, the Discord servers of crypto-related projects have been the target of phishing attacks, when a malicious actor impersonates a legitimate organization to obtain sensitive data from victims, such as access to digital asset wallets.
One of the victims was the play-to-earn (P2E) blockchain game Axie Infinity. But non-fungible token projects (NFTs) such as the Moonbirds and PROOF collections were also affected. Virtual sneaker company RTFKT, which partnered with Nike to launch a virtual sneaker, was also a target of the attack.
Phishing Attacks on NFT Projects
The attacks were reported by blockchain security firm PeckShield on its Twitter account.
#PeckShieldAlert #phishing Seems like several #NFT discords were compromised. Stay safe! @CyberConnectHQ @proof_xyz @RTFKT @Moonbirds @memeland #NFT community share to raise awareness. pic.twitter.com/7PuwWNgXJe— PeckShieldAlert (@PeckShieldAlert) May 18, 2022
Subsequently, some of the mentioned projects confirmed the invasion. The Axie Infinity, for example, stated that the attack was a false advertisement about coinage.
“There was a compromise of the Mee6 bot which was installed on the main Axie server. The attackers used that bot to add permissions to a fake Jiho account, which then posted a fake announcement about a mint.”
Then the Axie team reported that the malicious ads were deleted. However, it noted that some users may still see the message until they restart Discord.
“We removed the Mee6 bot from the server and we will never surprise you. Major announcements will be announced on Twitter, Discord, Substack and Facebook simultaneously.”
Some other projects also confirmed the attack. Cyber Connect, for example, has warned users that it will never ask for their private keys through Discord:
“Please do not click on any links”, they said. “Our team is working to resolve the situation with bot security on our server.”
Likewise, the Memeland team alerted its users to the attack and suggested that the bot had been compromised:
“It looks like the MEE6 bot is compromised. Please do not click on any links on our Discord. We are investigating and working on it.” he said Memeland on Twitter.
Despite Memeland hinting that the bot was compromised, the MEE6 team denied it:
“MEE6 has never been, is or will be compromised,” a team member said on Discord.
The MEE6 bot allows users to create automatic commands for sending messages, according to its website.
As of press time, ROOF, RTFKT and Moonbirds have not confirmed the attack on their Discords.