Scammers have reportedly found a new way to compromise users’ Discord accounts — including those on servers related to cryptocurrencies and non fungible-tokens (NFTs) — by hijacking QR codes used for logging in.
According to pseudonymous crypto enthusiast Serpent, malicious actors — disguised as Discord’s verified bot called Wick—are now reaching out to users to offer a collaboration, potential employment, or some other enticing opportunities. But there’s a catch — to continue the discussion, scammers ask users to verify via a QR code.
New NFT discord scam going around, this time using QR codes.
Pretty terrible scam, but this is how it works ??
– Gyvatė (@SerpentAU) Balandis 4, 2022
This is because Discord has an option to log in using a special QR, bypassing two-factor authentication. In reality, however, “scammers are using Chrome drivers to open the login page, get the QR code image, then send it to the Discord bot, asking people to verify themselves,” Serpent explained.
If a user scans such a code, bad actors can instantly log into their account and snatch their Discord token, a unique series of numbers and letters that is created when people connect to the app. If this happens, users need to reset their passwords as soon as possible.
Kodėl tai pavojinga?
While access to a Discord account won’t tiesiogiai endanger someone’s crypto or NFTs, such security breaches are still dangerous and can enable to all manner of cyberattack vectors.
5/ Thank for coming to my ted talk. Stay safe & stay vigilant, threat actors are everywhere these days and they try to scam us 24/7. Double check everything you see and ask yourself: “Is this safe to click” -K3rnel?
— K3rnelPan1c.eth (@Krn3lPanic) Kovo 14, 2022
For example, malicious QR codes can be used to add new—and potentially suspicious—contacts to users’ lists. Further, such codes also allow to connect victims’ devices to the hacker’s network, automatically initiate phone calls as well draft emails and send text messages. Not to mention that such QR codes can reveal users’ locations and initiate fraudulent payments.
Things we can no longer do:
?open dms on discord
?scan QR codes
?click unknown links
?use discord
?click on google drive links
?do art commissions for strangers
?store nfts on hot wallets
? ______________________— Ƨ ? and 776 others (@stellabelle) Balandis 4, 2022
As „CryptoSlate“ pranešė, cyberattacks have been picking up steam on Discord lately. Notably, not only regular users but major crypto companies are being hacked as well.
On April 1, for example, the Discord server of the famous Bored Ape Yacht Club NFT collection was pakenkta įsilaužėliams.
LIK SAUGUS. Šiuo metu nekalkite nieko iš jokio „Discord“. „Webhook“ mūsų „Discord“ buvo trumpam pažeistas. Sugavome iš karto, bet žinokite: mes nedarome jokių balandžio XNUMX-ųjų slaptų kalyklų / airdrops ir pan. Šiuo metu atakuojami ir kiti nesutarimai.
- „Bored Ape“ jachtų klubas (@BoredApeYC) Balandis 1, 2022
At the time, the hacker gained access to the Discord server that hosts Bored Ape Yacht Club, Mutant Ape Yacht Club, and Mutant Ape Kennel Club—all three NFT collections from Yuga Labs.
Apart from Yuga Labs, Discord servers of other NFT projects, such as Nyoki Club ir Shamanzs NFT, were also hacked that day.
Source: https://cryptoslate.com/crypto-users-report-new-wave-of-discord-nft-scams/