The number of phishing attacks on NFT communities is increasing. Analysts say that hacks of Discord feeds of various NFT projects may be related. At the same time, cyber attacks with ransomware decreased by 23%, and the use of cryptojacking schemes grew by 30% in the second half of this year.
Web 3.0 security analysts at TRM Labs report that the number of cyberattacks on NFT collections has steadily risen. For example, Chainabuse has received over 100 reports of Discord channel hacks in the past two months. Hackers managed to steal more than $22 million from the NFT community in May alone.
Analysts report that in June, phishing attacks on NFT projects via compromised Discord accounts doubled compared with the previous month. Thus, on June 4 alone, at least ten Discord accounts on various NFT channels were hacked.
According to TRM Labs analysts, many attacks are similar in nature and exhibit identical behaviors. The main tactics used by scammers in Discord are:
- using social engineering, particularly phishing and fraudulent accounts;
- exploitation of bot vulnerabilities;
- updating administrator settings.
Analysts also noticed that some attacks on Discord targeting NFT project servers are most likely carried out by a group of hackers or as a Scam-as-a-Service offering. Analysts identified attempts to compromise well-known projects BAYC, Bubbleworld, Parallel, Lacoste, Tasties, and Anata, among other related attacks.
Recall that social networks are the most vulnerable area of Web 3.0. So in 2021, cryptojackers stole more than $400 million via Instagram, Facebook, WhatsApp, and Telegram.
Cryptojacking & Ransomware
U.S. cybersecurity company SonicWall released a report showing that global cryptojacking volumes increased 30% (~$66.7 million) in the first half of 2022 compared to last year.
SonicWall experts point out that the main cryptojacking targets in 2022 were financial institutions, which saw a 269% increase in attacks in the last half of the year. By comparison, similar attacks on retailers rose only 63% in the same period.
Cryptojacking involves using the victim’s devices to covertly mine cryptocurrencies. The victim is often unaware of the threat, but stealing the processing power of computer devices can increase energy bills and shorten equipment lifespan.
However, SonicWall analysts state a significant decrease in the global number of ransomware attacks amid falling BTC prices. Hence, in the first half of this year, there were 236.1 million attempts of crypto fraud using ransomware, which is 23% less than in the previous six months.
In total, the number of hacking attacks on cryptocurrency projects in Q2 2022 increased by 21%. The attackers managed to steal $2 billion in cryptocurrency.