LOADING

Type to search

Hackers hijacked the OpenSea Discord with a fake YouTube NFT scam

Investments

Hackers hijacked the OpenSea Discord with a fake YouTube NFT scam

Share

Around 4:30AM ET on Friday, the official Discord channel for OpenSea, the world’s largest NFT marketplace, joined the growing list of NFT communities that have exposed participants to phishing attacks.

In this case, a bot made a fake announcement about OpenSea partnering with YouTube, enticing users to click on a “YouTube Genesis Mint Pass” link to snag one of 100 free NFTs with “insane utility” before they’d be gone forever, as well as a few follow-up messages. Blockchain security tracking company PeckShield tagged the URL the attackers linked, “youtubenft[.]art” as a phishing site, which is now unavailable.

While the messages and phishing site are already gone, one person who said they lost NFTs in the incident pointed to this address on the blockchain as belonging to the attacker, so we can see more information about what happened next. While that identity has been blocked on OpenSea’s site, viewing it via Etherscan.io or a competing NFT marketplace, Rarible, shows 13 NFTs were transferred to it from five sources around the time of the attack. They’re now also reported on OpenSea for “suspicious activity” and, based on their prices when last sold, appear to be worth a little over $18,000.

The phishing message, as seen on Discord.
Image: Richard Lawler / Discord

A screenshot of the thief’s haul as seen on Rarible.
Image: Richard Lawler / Rarible.com

This kind of intermediary attack in which scammers exploit NFT…

Read more…

Leave a Comment

Your email address will not be published. Required fields are marked *