Security - How to protect your business from hackers
Trait Sniper discusses how significant projects in the NFT market got hacked on Discord
The internet is everywhere, no matter where you reside, and people have been utilizing it to stay connected even when they aren't together. In the blockchain world, in general, and NFT in particular, one of the most popular platforms for discussion is Discord. Hundred of millions of people use Discord, a platform where you can build servers to chat with friends and strangers through text and video conversations. More specifically, it's a platform that lets you build or join "server" chat rooms.
People's discussions and concerns about earning from NFT and the blockchain industry are increasing. Therefore, the large volume of transactions that took place on the market also draws the attention of hackers.
In order not to worry about hackers or your account will be hacked, Trait Sniper will list solutions for you to avoid getting hacked in this blog. But first, let's take a look at the top hacks on the NFT marketplace on Discord:
Case Studies
Bored Ape Yacht Club
Bored Ape Yacht Club (BAYC) is a collection of 10,000 non-fungible tokens built on the Ethereum blockchain. It has a current floor price of almost 93.5 ETH. According to OpenSea statistics, a total volume of 594.5K ETHhas been traded for BAYC so far (10 Jun 2022).
In 2022, BAYC was hacked three times, which was deadly for their community. BAYC Discord was hacked for the first time in early April 2022. The 'ticket tool,' allows private support channels, which we call tickets, between the staff team and individuals who look for help, was compromised. During this time, clicking on any links might result in hackers gaining access to users' wallets. BAYC Discord had temporarily closed for new members.
At the end of this month, BAYC Instagram was attacked, damaging over $3M. According to the official BAYC Twitter, fraudsters hacked their Instagram account and publicized a fake land airdrop through a phishing link, prompting users to sign a "safeTransferForm" transaction. As a result, users' wallets were stolen. Despite Instagram 2FA has been active, it is unknown how the hack occurred, but it had a costly consequence. However, the BAYC team had private support for the affected users.
On 4 June 2022, the third BAYC security breach happened. BAYC Discord was hacked and damaged for $360,000 NFTs stolen. BAYC founder blamed Discord for this hacking case and still investing at this writing time. However, according to one viewpoint, hackers may take your NFT because of you for not paying attention when clicking on malicious links, not Discord false.
Monkey Kingdom
The Monkey Kingdom is a collection of 2,222 randomly generated 32x32 pixels NFTs on the Solana Blockchain. Each Wukong is unique and comes with different traits and attributes varying in rarity.
At the end of 2021, a hot Hong Kong NFT project 'Monkey Kingdom' was hacked and lost $1.3M. A phishing link was sent to users of Discord chat. Monkey Kingdom said on Twitter that it had set aside Solana for a "compensation fund" to assist purchasers who have been defrauded by the breach. Moreover, Monkey Kingdom announced new additional security measures as well as the addition of outside experts to assist prevent future intrusions.
None of the platforms are entirely safe. No community does expect to be hacked. Users must be conscious when the project team is in a passive situation. The fraud approach is the same in both cases. A careful check is needed before clicking any links or conducting any transactions.
How to avoid being hacked when using Discord in the NFT market?
To avoid unexpected situations, Trait Snipers will list seven ways to prevent account hacking as follows:
Turn off direct messages on Discord
Set your Direct Messages to “Friends Only.”
Do not click on any links you don't know except the official ones (Which are very important!)
Enable 2-factor authenticator
Do not scan QR code/password outside Discord
Do not text strangers who are not employees or moderators of that Discord server.
People will try to send friend requests; there will be IP grabbers, hackers, and doxxers, to keep you safe, do not accept any friend requests or DMs from people you don't know.
Final thought
NFT is a trend in blockchain at the moment. Its rapid growth in popularity also increases the risk of being stolen and hacked by attackers. New technological solutions also allow hackers to bypass always safe and reliable protection. Discord, Twitter, Instagram, etc. - all the platforms can be hacked, and once you lose your NFT, it is impossible to take it back.
Awareness of cybersecurity and what not to do in order to keep ourselves and others safe is the best defense we can have against attacks like this. We will keep you updated on the newest security advice to keep you safe in this space.
Stay safe!