Animoca Brands promise to repay users 265 ETH stolen in Discord hack
Gaming and venture capital firm Animoca Brands, based in Hong Kong and its subsidiary Blowfish Studios have recently promised their users that they would repay 265 ETH (roughly US$1.1 million) that was stolen through a fraudulent nonfungible token (NFT) sale on Discord.
The fraudulent minting event had occurred at around 3 AM AEDT on November 19 on over Phantom Galaxies Discord server. It had recorded about 1571 fake minting transactions within a duration of three hours.
Phantom Galaxies is an upcoming game in Australia that is being developed by Blowfish Studios. The Phantom Galaxies Discord server currently has 94000 members.
What occurs most commonly on Discord has increased now that hackers tend to gain control of the official Phantom Galaxies server in what appears to be that they are using a malware bot that has compromised the Admin account’s two-factor authentication. Once they gain control of the Discord server, the hackers ban all advisor, staff and community moderator accounts.
Hackers on the server then began with posting announcements, claiming that the Australian game was launching an instant surprise “stealth” NFT minting event. Users were subsequently directed to a fraudulent “Phantom Galaxies NFT minting platform,” which charged then a 0.1 ETH as a “minting fee.”
Animoca Brands Chairman Yat Siu had warned followers about the fraudulent NFT drop through a tweet at around 4 AM AEDT on November 19.
At 5:22 AM, Siu had posted another tweet declaring that the affected customers would be “appropriately compensated.” This has now been confirmed in a November 24 press release from Animoca Brands, which has stated that details regarding compensation would be announced shortly.
A Californian project manager named “Woodz,” who was working for an upcoming NFT project called Terra Obscura, has reported to have lost USD 1000 to this hack attack. They realized they had been scammed shortly after having ‘minted’ two non-existent NFTs.
Woods recalled that as he was in the process of doing it, “it seemed a bit off.” The gas had become “unusually low”, whereas the contract looked different. That moment he knew something was wrong, “but not sure what was.”
Woodz also added that they “don’t normally just click links,” but had fallen into the hacker’s trap because of the manner in which the announcement was positioned inside the official Discord channel.
The attack on Phantom Galaxies has come following after a similar attack on November 11 that involves famed NFT artist, Beeple. Users had thought they were signing up for a very affordable NFT drop, but it was actually timed to coincide with the second Christie’s auction.
The perpetrator had reportedly impersonated one of the channel admins and the Beeple Announcements Bot for promoting a fake NFT drop from Beeple on Nifty Gateway. Since then, Beeple has removed links to the servers that no longer appear to work.
According to a report on October 21 by cyber security firm RiskIQ, Discord is becoming increasingly popular among cybercriminals. RiskIQ researchers have uncovered 27 unique malware types that are hosted on Discord’s CDN servers.
In April, Talos Intelligence had similarly found that hackers were massively using platforms like Discord for taking advantage of users who were at home owing to global COVID-19 restrictions.
Talos had informed that attackers “are leveraging collaboration platforms like Discord and Slack” for staying under the radar and evading organizational defences.
 that was stolen){kind=link}