Another Discord server has fallen victim to a webhooks exploit

The OpenSea Discord server was hacked early Friday morning. A series of posts from a compromised OpenSea Discord server bot directed users to obtain the “YouTube Genesis Mint Pass” from a phishing link.

OpenSea Discord server hacked

The discord of the largest NFT market has been hit. A tweet from the official OpenSea support Twitter confirmed a vulnerability in the market’s Discord server on Friday morning.

The hacker’s first post, which appeared on the announcement channel at 4:04 a.m. UTC, states that OpenSea has “partnered with YouTube to bring their community into the NFT space.” The post says that the partnership will include the release of 100 “YouTube Genesis Mint Passes” that will allow owners to work on collaborative projects for free. The post ends with a link to a fake mining site designed to trick users into signing a transaction that would allow hackers to move NFTs out of their wallets.

It looks like the hackers were able to maintain their presence on the server for some time before OpenSea employees regained control. The hacker succeeded in re-posting the original fake messages, reposting the fake link, and saying that 70% of the supply was minted to induce a FOMO among users.

Etherscan shows that the damage from the hack is currently small. Only six wallets appear to be affected so far, with the most valuable NFT stolen being ConiunPass, with a market value of around 0.84 ETH or $2,300.

Initial reports suggest that hackers exploited the OpenSea Discord server’s webhook to access server controls. Webhook is a server plugin that provides other applications with real-time data. While webhooks serve a useful function, they are increasingly used by hackers as a means of attack because they allow messages to be sent to users from official server accounts.

The OpenSea Discord server isn’t the only one that has recently fallen victim to a webhooks attack. In early April, Discords of several prominent NFT collections, including Bored Ape Yacht Club, Doodles, and KaijuKings, were compromised using a similar exploit that allowed hackers to post links scam by official server account.

Read more:

Join us on Telegram

Follow us on Twitter

Follow us on Facebook

You might also like