Animoca to repay users 265 ETH stolen in fake NFT drop Discord hack

Animoca to repay users 265 ETH stolen in fake NFT drop Discord hack

Hong Kong-based gaming and venture capital company Animoca Brands and subsidiary Blowfish Studios have promised users that they will repay 265 ETH (US$1.1 million) stolen in a fraudulent nonfungible token (NFT) sale on D`iscord.

The fraudulent minting event occurred at approximately 3 AM AEDT on Nov 19 on the Phantom Galaxies Discord server. It saw 1,571 fake minting transactions over the course of about three hours.

Our top trading bots

Phantom Galaxies is an upcoming Australian game being developed by Blowfish Studios. The Phantom Galaxies Discord server has 94,000 members.

In an increasingly common occurrence on Discord, hackers gained control of the official Phantom Galaxies server by using a malware bot that compromised the Admin account’s two-factor authentication. Once in control of the Discord server, the hackers banned all staff, advisor, and community moderator accounts.

Animoca to repay users 265 ETH stolen in fake NFT drop Discord hack
Screenshot of a fraudulent announcement about the so-called NFT drop. Source: PhantomGalaxies Discord server.

The hackers then began posting announcements, claiming that the game was launching an immediate surprise “stealth” NFT minting event. Users were directed to a fraudulent “Phantom Galaxies NFT minting platform,” which charged users a 0.1 ETH “minting fee.”

Animoca to repay users 265 ETH stolen in fake NFT drop Discord hack
Screenshot of the fraudulent website where users could “mint” PhantomGalaxies NFTs.

Chairman of Animoca Brands Yat Siu warned followers about the fraudulent NFT drop in a tweet at around 4AM AEDT Nov. 19.

At 5:22AM he posted another tweet, saying that affected customers will be “appropriately compensated.” This has since been confirmed in a Nov. 24 release from Animoca, which stated that details regarding compensation will be announced shortly.

“Woodz,” a Californian project manager for an upcoming NFT project called Terra Obscura lost $1000 USD to this attack. They told Cointelegraph they realized they’d been scammed shortly after ‘minting’ two non-existent NFTs:

“As I was doing it, it seemed a bit off. The gas was unusually low and the contract looked different. I knew something was wrong but not sure what.”

Woodz added they “don’t normally just click links,” but fell into the hacker’s trap because of the way the announcement was positioned inside the official announcement channel.

Related: Beeple’s Discord compromised, timed to coincide with Christie’s auction

The attack on Phantom Galaxies comes after a similar recent attack on Nov. 11 involving famed NFT artist, Beeple. Users thought they were signing up for a very affordable NFT drop, timed to coincide with his second Christie’s auction.

The perpetrator impersonated one of the channel admins and the Beeple Announcements Bot to promote a fake NFT drop from Beeple on Nifty Gateway. Beeple has since removed links to the Discord from his Twitter profile, and other links to the server no longer appear not to work.

According to an Oct. 21 report by cyber security company RiskIQ, Discord is becoming an increasingly popular platform for cybercriminals. RiskIQ researchers uncovered 27 unique malware types hosted on Discord's CDN servers.

In April, Talos Intelligence similarly found that hackers were increasingly using platforms like Discord to take advantage of users who were at home due to global COVID-19 restrictions.

“Attackers are leveraging collaboration platforms, such as Discord and Slack, to stay under the radar and evade organizational defenses,” it wrote at the time.

Continue reading with Cointelegraph
Ethereum privacy protocol Tornado Cash to launch on L2 Arbitrum
Tornado Cash is about to get a scaling boost as the privacy protocol prepares for deployment on the Ethereum layer two network Arbitrum. Tornado Cash’s...
Japanese megabanks join consortium launching yen-based digital currency
A consortium of roughly 70 Japanese companies, including the country’s biggest financial institutions, have joined forces to trial and launch a new yen-based...
Finance Redefined: Acala wins Polkadot parachain, and Iota set to launch Shimmer, Nov. 12–19
Welcome to the latest edition of Cointelegraph’s decentralized finance newsletter.Read on to discover why almost half of the liquidity providers on Uniswap...
Is US politics divisive enough to make crypto a partisan issue?
As the perceived legitimacy of blockchain technology increases, politicians in the United States have shown a growing interest in turning this non-partisan...
Gensler confirms SEC won't ban crypto ... but Congress could
Gary Gensler, the head of the U.S. The Securities and Exchange Commission has confirmed that his agency does not have the authority or intention to ban...
NFT whale 'Pranksy' pranked by fake Banksy for 97.7 ETH
Nonfungible token collector Pransky was duped out of 97.67 Ether, worth $341,500, after the website of popular artist Banksy was hijacked to promote a fake...
Fake vax certificates renew calls for blockchain-based solution in Australia
With counterfeit Australian coronavirus vaccination certificates circulating online, local experts are calling for the national rollout of a blockchain-based...
Helium (HNT) gains 40% after $111M fundraise and 100K active nodes milestone
Among the more than 11,000 listed cryptocurrencies exist a few projects that offer a revolutionary use case capable of improving the way society operates...
Powered by the people: 3 altcoins whose tweet volume spiked before a strong rally
On Crypto Twitter, a surge of attention directed at a coin often comes in response to dramatic price action. Quite naturally, rallying assets attract the...
Judge blocks sale of Jay-Z's first album and its copyright as an NFT
A New York judge has issued a temporary restraining order to block an alleged attempt from Roc-A-Fella Records Inc (RAF) co-founder Damon Dash to sell a...
US crypto exchange Kraken eyeing public listing in 2022
Kraken CEO Jesse Powell has revealed that the crypto exchange could go public before the end of 2022.Powell said this during an interview with Bloomberg...
NY Governor Cuomo launches blockchain-powered vaccination passports
New York Governor Andrew Cuomo announced the launch of the city's blockchain-powered “Excelsior Pass” vaccination passport on March 26.The passport is issued...
Qiwi Founder Invested $17 Million In Telegram ICO
Qiwi founder Sergei Solonin invested in ICO Telegram $17 million; he told journalists on the sidelines of the Russian Investment Forum in Sochi.Previously,...
Economist, Who Predicted 2008 Crisis, Says Bitcoin Will Drop to Zero
Famous American economist, who recently labeled bitcoin as the most massive bubble in history, has now said that the price of this crypto-coin is not...
Wikileaks will Expand the List of Cryptocurrencies for Donations
Julian Assange - the founder of Wikileaks - posted on his twitter that his project begin to accept donations in ZCash, which is the third virtual currency...