Newsletter
Join thousands of people who receive the latest breaking cybersecurity news every day.
The administrator of your personal data will be Threatpost, Inc., 500 Unicorn Park, Woburn, MA 01801. Detailed information on the processing of personal data can be found in the privacy policy. In addition, you will find them in the message confirming the subscription to the newsletter.
document.getElementById( “ak_js_1” ).setAttribute( “value”, ( new Date() ).getTime() );
The administrator of your personal data will be Threatpost, Inc., 500 Unicorn Park, Woburn, MA 01801. Detailed information on the processing of personal data can be found in the privacy policy. In addition, you will find them in the message confirming the subscription to the newsletter.
Share this article:
Hackers escalate phishing and scamming attacks to exploit popular Discord bot and persuade users to click on the malicious links.
Discord a public chat application designed for gamers has grown popular among crypto owners all over the world. Attackers are targeting the Discord servers of several popular nonfungible token (NFT) projects.
Josh Fraser founder of Origin protocol shared a thread on Twitter earlier this month, revealing the issue and warning the user about the integrity of the Discord private channels. Fraser added that the issue was quickly closed as a “duplicate issue” when responsibly disclosed to the team of Discord.
According to Fraser, Discord API leaks “the name, description, members list, and activity data for every private channel on every server.” He explained he stumbled on the issue while setting up an automated script to notify him anytime a user enters a certain keyword.
Infosec Insiders Newsletter
Another tweet was shared by PeckShield, a blockchain cybersecurity firm, warning users about compromised NFT Discord Server of Memeland, RTFKT, PROOF/Moonbirds and infrastructure company Cyberconnect.
Cyberconnect and Memeland confirmed the hack on their Twitter feeds and warned users to avoid clicking on any link on Discord. Cyberconnect caution that the project will never ask for their private keys. Similarly, Memeland alerted customers about the “fake links” in a message.
A team member of Memeland noted, “a discord bot (mee6) seems to be compromised across various high profile servers.” The mee6 bot is used by the server owners to automate welcome messages and inform about the server rules, events and topics.
With lots of high-profile crypto projects using Discord, this leakage of information can reveal “not-yet-announced partnerships, upcoming product launches, exchange listings, and coordinate multi-sig signers,” as reported by Fraser.
According to Motherboard, the compromised Discord server bot can cause devastating results, as an adversary can post a malicious link disguising as an automated bot and allure users to open it, one wrong click can cause irreversible damage to individual earnings, and a hijacked Discord server can pose threat to a large audience.
“That would be such a credible piece of bait that I’m sure hundreds or thousands of people are gonna fall for that. […] Those bots are a huge liability when it comes to security,” explained Stephen Tong, co-founder of blockchain security firm Zellic.
The string of attacks against the NFT discord channel continues in recent months. Bored Ape Yacht Club, Nyoki, Shamanz, Doodles, and Kaiju Kingz, had their Discord accounts breached and compromised in April, and OpenSea accounts were hacked in May.
Roger Grimes at Knowbe4 said, “The key lesson here is that anyone in the potential attack chain of cryptocurrency or NFTs has to be secured as if they were a high-security government agency.”
Further, Grimes suggested that cryptocurrency services should introduce high-security configurations for all software and devices. Initiate multi-factor authentication(MFA) to log in, patch all vulnerable software, impart education, and “run application control problems backed by a secure hypervisor chip”.
Share this article:
CISOs do heroic work protecting their executives when inside the organization’s four walls. But risks originating in personal digital lives present a challenge that enterprise security teams cannot solve, even if they wanted to.
Threat actors already are exploiting vulnerability, dubbed ‘Follina’ and originally identified back in April, to target organizations in Russia and Tibet, researchers said.
The malvertiser’s use of PowerShell could push it beyond its basic capabilities to spread ransomware, spyware or steal data from browser sessions, researchers warn.

document.getElementById( “ak_js_2” ).setAttribute( “value”, ( new Date() ).getTime() );
This site uses Akismet to reduce spam. Learn how your comment data is processed.
Join thousands of people who receive the latest breaking cybersecurity news every day.
2022’s DBIR also highlighted the far-reaching impact of supply-chain breaches and how organizations and their emplo… https://t.co/u4ebGrgcc1
17 hours ago
Get the latest breaking news delivered daily to your inbox.
The First Stop For Security News
Infosec Insider content is written by a trusted community of Threatpost cybersecurity subject matter experts. Each contribution has a goal of bringing a unique voice to important cybersecurity topics. Content strives to be of the highest quality, objective and non-commercial.
Sponsored Content is paid for by an advertiser. Sponsored content is written and edited by members of our sponsor community. This content creates an opportunity for a sponsor to provide insight and commentary from their point-of-view directly to the Threatpost audience. The Threatpost editorial team does not participate in the writing or editing of Sponsored Content.

source

Write A Comment