Join Our Telegram channel to stay up to date on breaking news coverage
Hackers are constantly inventing new ways to rob crypto community members off of their coins and tokens, and the recent major scheme involves a popular social platform, Discord. Specifically, an unknown hacker managed to hijack the Discord URL of a popular NFT artist, Mike “Beeple” Winkelmann. Clicking the link to his Discord server will now lead users to a different Discord channel designed to drain the users’ wallets.
This is particularly troublesome for the new community members who might try to join Beeple’s Discord for the first time, as the link would direct them to a completely different server, while existing members can access the real server through the app itself.
The details of the hack
Beeple posted the announcement about having his URL hacked on Monday, October 3rd, when he warned his community not to go to the fraudulent channel and complete the verification process, as it will drain their wallet before they can react.
it appears our discord URLs were hacked to point to a fraudulent discord. DO NOT go into that discord and do not verify, it will drain your wallet!!
once again massive thanks again to discord for being garbage. 👍
— beeple (@beeple) October 3, 2022
Another Twitter user, Chris Wallace (@chriswallace) explained that, if the server’s boost level falls from 3 to 2, the server will lose its vanity URL, meaning that another server can pick it up and impersonate the original server. He called it a “really horrible default that results in massive security risks.”
If your boost level falls from 3 to 2 you lose your vanity URL which means another discord server can pick it up and impersonate your discord. Really horrible default that results in massive security risks.
— designer (@chriswallace) October 3, 2022
Beeple was not the first to notice that his URL has been hijacked. Another user, known as maxnaut.eth, posted the warning that the Discord link connected to Beeple has been overtaken several hours earlier.
He tweeted the warning, accompanied by a screenshot, and an explanation that Beeple’s Discord link now leads to a scam CollabLand wallet drainer, and that the reason behind this is that it got hijacked as Beeple’s team likely did not update it on OS.
@beeple Your OpenSea BEEPLE: EVERYDAYS – 2020 COLLECTION has a Discord link attached to it that links to a scam CollabLand wallet drainer.
Your Discord URL probably got hijacked and your team didn't update it on OS. You need to change that ASAP or people going to get rekd. pic.twitter.com/GFMwWU2xd2
— maxnaut (@maxnaut) October 3, 2022
While Beeple has blamed this on the platform itself, many others, including community members, analysts, and een the cybersecurity company Black Alchemy Solutions Group disagree, claiming that this is a problem with a mismanagement of the Beeple Information Security apparatus. The company recommended that he hires a vCISO (Security Officer).
Since the issue was noticed and recognized, maxnaut.eth posted another update, stating that Beeple seemingly managed to resolve the problem.
Beeple has a long history with hacking attacks
The fact that Beeple was targeted also comes as no surprise, given that he managed to sell some of the most expensive NFTs ever sold. For example, a compilation of 5,000 pieced of artwork called the First 5,000 Days was sold for $69.3 million. His website also has some major names on the list of clients, including Apple, Space X, and even Louis Vuitton.
This is also not the first time that Beeple was targeted by hackers, as in May of this year, a phishing scam managed to drain $438,000 in crypto and NFTs by hijacking his Twitter account and linking to a raffle. Before that, in November 2021, his Discord was part of another scam, where an admin account got compromised and the hackers used it to advertise a fake NFT drop, which resulted in them netting around 38 ETH ($176,378).
Related
- A fake BAYC raffle is launched as The Sandbox Instagram account gets hacked
- Nomad Hack: “Copycats” Steal $88M by Replicating an Attacker’s Code
- Indian Government Twitter Accounts Hacked With NFT Ads Posted
Join Our Telegram channel to stay up to date on breaking news coverage