- According to on-chain analyst OKHotshot, 107 NFT Discords have been compromised within the last four weeks.
- The exploitation of NFTs has hiked 50.7% in June-July from the previous months.
- OpenSea revealed their data leak might lead to a surge of phishing attacks.
There have been 107 NFT Discord channels exploited through social engineering within the last four weeks (from June 2 to July 2), on-chain analyst OKHotShot revealed through a social media post. The compromised collections include big projects like BAYC, KnowOrigin, Lacoste, and Memeland (9gag), to name a few.
In the past 4 weeks 107 #NFT discords have been exploited through social engineering including big projects like BAYC, Known Origin, and Boss Beauties
Millions have been stolen. These are REAL crimes with real victims. Stay vigilant 👇 pic.twitter.com/QYNuGCObND
— OKHotshot (@NFTherder) July 3, 2022
In an attempt to warn investors, OKHotShot requests NFT buyers and holders to “stay vigilant.” In the following posts, @NFTherder revealed that 71 Discords were compromised in May, and the number hiked to 107 in June, which shows a sharp surge of 50.7%.
Last week, the world’s biggest NFT marketplace, OpenSea, also warned its users to stay safe from phishing attacks. The platform alerted its customers and newsletter subscribers to avoid opening emails and files “sent by strangers” after revealing that they have witnessed a massive data breach.
OpenSea informed via its official blog post that 1.8 million users could be impacted by the data breach, for which phishing and spam attempts might increase. Earlier in May, the company’s Discord server was targeted by a cybercriminal to promote scam drops. Before that, in January, OpenSea had to reimburse $1.8 million for an NFT that was sold without permission.
Recently, Women and Weapons NFTs were also hacked, to which the creator of the collection, Sara Baumann, asked the investors to remain careful. She further reminded them, saying, “[W]e (Women and Weapons NFT) do not offer surprise mints or giveaways and will never ask for you to connect your wallet for any reason.”
At the beginning of June, the popular NFT project Bored Ape Yacht Club (BAYC) announced that its Discord servers were subjected to a “brief exploit” as NFTs worth 200 ETH were stolen from users.