27/07/2022 NFT Projects Lost $22M to Largely the Same Hackers on Discord: Reports

One analysis concludes that hackers targeting Bored Ape Yacht Club and other NFT projects are part of a 'wider network.'

hackers-gID_5.jpg

Two Web3 security firms have issued reports focused on the recent scourge of hacks targeting NFT projects, likely by a linked group of hackers using compromised Discord server administrator accounts.

According to arecent analysisby TRM Labs, cyber attacks against NFT collections have steadily risen in 2022, costing the NFT community over $22 million in May alone. NFTsare blockchain-based tokens that show ownership over digital or physical assets.

Yuga Labs restructures, NFT prices grow: what’s next for the market?
Bitcoin Leads 30-Day NFT Sales, Outpacing 24 Blockchain Competitors
How East Goes Global’s NFT Partnership Is Empowering Artists

In the report,TRM Labs—which specializes in digital asset compliance and risk management—says cyberattacks linked to NFT minting scams deployed through compromised Discord accounts subsequently increased by 55% in June 2022 compared to the previous month.

"Since 2022, we've seen these compromises happening at scale, specifically on Discord," TRM Labs investigator Monika Laird toldDecryptin an interview.

TRM Labs says it has received over 100 reports of Discord channel hacks in the past two months through itsChainabusereporting platform. Laird says that the attacks happen weekly and often targetERC-721tokens, which is a token standard on the Ethereum blockchain for non-fungible tokens.

On the on-chain side, she said the relationship between the common consolidation points (exchanges, mixers) and wallets suggests that the same actors run the bulk of these attacks.

Yuga Labs, the company behind the NFT status symbol Bored Apes Yacht Club, said on Twitter last week: "Our security team has been tracking a persistent threat group that targets the NFT community. We believe that they may soon be launching a coordinated attack targeting multiple communities via compromised social media accounts. Please be vigilant and stay safe."

TRM Labs says on-chain data suggest many of the Discord compromises are linked to the same hacker that targeted theBored Ape Yacht Clubin June. According to the firm, other targeted projects include Bubbleworld, Parallel, Lacoste, Tasties, Anata, and more.

As Laird explained, there have been over 150 compromises since May targeting an admin role within a larger NFT project channel. Once the hackers control the admin account, they send out links to promotional giveaways and "exclusive" NFTs mints pushing people to jump into these malicious websites by creating a false sense of urgency.

"It isn't necessarily that Discord in and of itself has a weakness, but it just makes it a very target-rich environment," says Chris Janczewski, head of global investigations at TRM Labs. "If you're looking for people that own NFTs, you go to a place where they're all hanging out, and you have a point to be able to make [contact] with them."

While cyberattacks targeting Discord have been successful, Laird pointed out that hackers also compromised Twitter and Instagram accounts in recent months.

TRM Labs says that the rate at which the attacks are happening, and the fact that they occur across multiple blockchains, suggests that they could be separate attacks by rival cyber criminals running scams at the same time using tools provided as a "Scam-as-a-Service," turn-key, pay-as-you-go services to launch attacks.

In a separate report due out Thursday and previewed byDecrypt, blockchain security firmHalbornhas also seen an increase in threats targeting crypto, separately pointing to the North KoreanLazarus Group, which the U.S. Treasury Department claims orchestrated the $622 million hack of the Axie Infinity Ronin Network.

While TRM Labs did not specify where the attacks are coming from, Halborn sees the threat originating from within China.

"Our analysis indicates that this attack came from a Chinese group that aims for high-value individuals," Alpcan Onaran, Halborn offensive security engineer, toldDecrypt via Telegram. "We are expecting a logarithmic increase in advanced persistent attack (APT) activity and also expect to see different adversaries targeting Web 3.0 companies and individuals."

Onaran says that in Web3, security should be considered in all aspects, both technically and non-technically, to defend against these new threats.

"There's a saying that there's no such thing as new crimes [or] new scams; there are the old ones repackaged," Janczewski says. "So it makes perfect sense that all the kind of spear phishing, the FOMO, the getting people to do things irrationally very quickly, has pivoted into the new space, which is NFTs."

Arts

https://decrypt.co/106024/nft-projects-lost-22m-to-hackers-in-one-month-via-discord-report?amp=1

Interesting NFTs
X*Y=K
・゜゚・:.。..。.:*・'(゚▽゚)'・*:.。. .。.:*・゜゚・* for more info see https://tinyurl.com/56unnr39
Chromie Squiggle #4697
Simple and easily identifiable, each squiggle embodies the soul of the Art Blocks platform. Consider each my personal signature as an artist, developer, and tinkerer. Public minting of the Chromie Squiggle is permanently paused. They are now reserved for manual distribution to collectors and community members over a longer period of time. Please visit OpenSea to explore Squiggles available on the secondary market.
taNNa
conceptual art. drawing and digitally processed.
Who is Satoshi Nakamoto?
"Who is Satoshi Nakamoto?" is dedicated to the mysterious creation of Bitcoin, and acts as the showcase artwork within Javier Arrés’ exploratory series "Bitcoin, The Origin". "Who is the creator of Bitcoin?" The artist, Arrés, explores this question, and the feelings of doubt and mystery that accompany it, through his unique artistic language. An unknown, an enigma. It should be remembered that the name Satoshi Nakamoto is a pseudonym of Bitcoin's author or authors and gives us little insight into its true creator. For this Visual Toy, Arrés uses the signature claw machine, his famous half-operation, to symbolize our collective ignorance and unconfirmed belief: As soon as it has the stuffed animal within its grasp and appears to have solved the puzzle, the animal escapes again, and again. At present, there are three more public and studied possibilities who are either believed to be the creators of the currency or who directly claim the creation of it. It may be all or none of them, yet these three personalities leave us clues which are an important part of this interesting enigma. For this moment, it will remain unknown... In this artwork, Arrés elevates the claw machine from the apparatus, to an iconic pop art object serving as an important element to the Bitcoin creation narrative. Action is everywhere, with each movement serving an iconographical or metaphorical purpose related directly to cryptocurrency: Various ups and downs, roller coasters, mining points, robot, coins and more speak to a sense of hope, risk, mystery, randomness and possibility of pay out. Hundreds of manically thought out details make this creation one of the artist’s most complex Visual Toys to date. ------- "Bitcoin, The Origin" is a set of two Visual Toys, titled "Who is Satoshi Nakamoto" and "It’s Alive!" which reflect and explore the mystery and enigmas behind the creation of Bitcoin. Arrés presents these proposals to us in his signature style, full of iconography, fantasy, maniacal animations and a panoply of details (both subtle and overt) which simultaneously fascinate, hypnotize, and narrate this historical milestone through the singular vision of the artist. Through this series, Arrés freezes a crucial moment of cryptocurrency history, taking a still photo under his vision and turning it into two unique crypto artworks. ---- More info about Javier Arrés: https://javierarres.com/about.html
Hexenviper
A character from The Beacon