[vc_row full_width=”stretch_row” css=”.vc_custom_1531732107238{background-color: #fcc118 !important;}”][vc_column]

[/vc_column][/vc_row][vc_row css=”.vc_custom_1531730959461{border-bottom-width: 1px !important;background-color: #f9fafb !important;border-bottom-color: #eef3f7 !important;border-bottom-style: solid !important;}”][vc_column css=”.vc_custom_1531891416301{margin-bottom: 0px !important;}”][bsfp-cryptocurrency style=”widget-6″ align=”auto” columns=”2″ scheme=”light” coins=”top-x-coins” coins-count=”8″ coins-selected=”” currency=”USD” title=”Cryptocurrencies” show_title=”0″ icon=”” heading_color=”” heading_style=”default” bs-show-desktop=”1″ bs-show-tablet=”1″ bs-show-phone=”1″ css=”.vc_custom_1531730265600{margin-bottom: 0px !important;}” custom-css-class=”” custom-id=””][/vc_column][/vc_row]

Crypto users report new wave of Discord NFT scams


Scammers have reportedly found a new way to compromise users’ Discord accounts — including those on servers related to cryptocurrencies and non fungible-tokens (NFTs) — by hijacking QR codes used for logging in.

According to pseudonymous crypto enthusiast Serpent, malicious actors — disguised as Discord’s verified bot called Wick—are now reaching out to users to offer a collaboration, potential employment, or some other enticing opportunities. But there’s a catch — to continue the discussion, scammers ask users to verify via a QR code.

This is because Discord has an option to log in using a special QR, bypassing two-factor authentication. In reality, however, “scammers are using Chrome drivers to open the login page, get the QR code image, then send it to the Discord bot, asking people to verify themselves,” Serpent explained.

If a user scans such a code, bad actors can instantly log into their account and snatch their Discord token, a unique series of numbers and letters that is created when people connect to the app. If this happens, users need to reset their passwords as soon as possible.

Why is it dangerous?

While access to a Discord account won’t directly endanger someone’s crypto or NFTs, such security breaches are still dangerous and can enable to all manner of cyberattack vectors.

For example, malicious QR codes can be used to add new—and potentially suspicious—contacts to users’ lists. Further, such codes also allow to connect victims’ devices to the hacker’s network, automatically initiate phone calls as well draft emails and send text messages. Not to mention that such QR codes can reveal users’ locations and initiate fraudulent payments.

As CryptoSlate reported, cyberattacks have been picking up steam on Discord lately. Notably, not only regular users but major crypto companies are being hacked as well.

On April 1, for example, the Discord server of the famous Bored Ape Yacht Club NFT collection was compromised by hackers.

At the time, the hacker gained access to the Discord server that hosts Bored Ape Yacht Club, Mutant Ape Yacht Club, and Mutant Ape Kennel Club—all three NFT collections from Yuga Labs.

Apart from Yuga Labs, Discord servers of other NFT projects, such as Nyoki Club and Shamanzs NFT, were also hacked that day.

Posted In: Hacks, NFTs, Scams

1 Comment
  1. Henryned says

    Have no money? It’s easy to earn them online here. https://ned.nanolabs.es/ned

Leave A Reply

Your email address will not be published.