How NFT Projects Lost 22million to the same Hacker Network via Discord in 2022

TRM Labs recently revealed how NFT projects have fallen victim to the same hacker network through Discord over the past three months

Sat 30th Jul 2022


Discord has become the favored platform for NFT projects in recent times. This is not surprising as the platform offers projects the advantage of a personalized experience for their community. It is already a given that projects can freely relate to their communities via Discord by engaging in less formal discussions, arranging AMAs, organizing giveaways, and directly attending to the needs of members. 

Over time, this arrangement has yielded results for all participants and has created a sense of trust between projects and their pool of members. However, things have changed recently, as Discord has become a haven for scammers to perpetrate their acts, using cunning means to swindle community members.

Organized Attacks via Discord

A report recently published by TRM Labs has revealed how hackers have targeted NFT projects via Discord over the past three months with projects losing more than $22 million within this timeframe. The report further stated that there was a 55% increase in phishing-related hacks in June, more than ever recorded in the previous month of 2022.

Several NFT projects fell hard for the hacks between June 2 and June 10. TLM, in a tweet made on July 25 revealed that more than 150 NFT projects have fallen to hackers since May, with the popular NFT project, BAYC, falling victim on two different occasions. Other notable victims include Bubbleworld, Lacoste, and Anata. 

Source: @trmlabs on Twitter.

In a similar vein, there has been an increase in reports of scam messages on Chainabuse, a community-led scam reporting platform managed by TRM Labs. Here is a screenshot of one of such reports made recently.

Source: chainabuse.com

As part of the report, TRM Labs, through its TRM Forensics revealed that its investigation revealed that at least 15 of these attacks were connected in some way, as the pattern of attacks exhibited the same behavior, and the attacks all lead to a single wallet address.

Old Techniques Repackaged

Further investigation has shown the very nature of the hacks. Simply, the hackers deployed a combination of tactics to carry out their acts. They relied on social engineering such as creating false accounts and phishing, manipulated Discord bots such as MEE6 to tamper with admin settings, and even banned moderators, then promised giveaways to members while urging them to take time-bound actions (FOMO).

Final Thoughts

The wave of NFT hacks that have recently swept through the space has been alarming, the recent TRM Labs reports have helped shed light on the extent and dimensions of these attacks. As  NFTs become more valuable, these attacks have far-reaching economic consequences for the projects involved. Hopefully, the revelation will help NFT projects put better measures in place to prevent future occurrences.