{"id":372069,"date":"2021-11-25T04:50:14","date_gmt":"2021-11-25T01:50:14","guid":{"rendered":"https:\/\/en.buradabiliyorum.com\/animoca-to-repay-users-265-eth-stolen-in-fake-nft-drop-discord-hack\/"},"modified":"2021-11-25T04:50:14","modified_gmt":"2021-11-25T01:50:14","slug":"animoca-to-repay-users-265-eth-stolen-in-fake-nft-drop-discord-hack","status":"publish","type":"post","link":"https:\/\/buradabiliyorum.com\/en\/animoca-to-repay-users-265-eth-stolen-in-fake-nft-drop-discord-hack\/","title":{"rendered":"# Animoca to repay users 265 ETH stolen in fake NFT drop Discord hack"},"content":{"rendered":"

# Animoca to repay users 265 ETH stolen in fake NFT drop Discord hack <\/strong>”<\/p>\n

Hong Kong-based gaming and venture capital company Animoca Brands and subsidiary Blowfish Studios have promised users that they will repay 265 ETH (US$1.1 million) stolen in a fraudulent nonfungible token (NFT) sale on D`iscord. <\/p>\n

The fraudulent minting event occurred at app<\/a>roximately 3 AM AEDT on Nov 19 on the Phantom Galaxies Discord server. It saw 1,571 fake minting transactions over the course of about three hours.<\/p>\n

Phantom Galaxies is an upcoming Australian game<\/a> being developed by Blowfish Studios. The Phantom Galaxies Discord server has 94,000 members. <\/p>\n

In an increasingly common occurrence on Discord, hackers gained control of the official Phantom Galaxies server by using a malware bot that compromised the Admin account\u2019s two-factor authentication. Once in control of the Discord server, the hackers banned all staff, advisor, and community moderator accounts. <\/p>\n

Screenshot of a fraudulent announcement about the so-called NFT drop. Source: PhantomGalaxies Discord server.<\/em><\/figcaption><\/figure>\n

The hackers then began posting announcements, claiming that the game was launching an immedia<\/a>te surprise \u201cstealth\u201d NFT minting event. Users were directed to a fraudulent \u201cPhantom Galaxies NFT minting platform,\u201d which charged<\/a> users a 0.1 ETH \u201cminting fee.\u201d<\/p>\n

Screenshot of the fraudulent website where users could \u201cmint\u201d PhantomGalaxies NFTs.<\/em><\/figcaption><\/figure>\n

Chairman of Animoca Brands Yat Siu warned followers about the fraudulent NFT drop in a tweet<\/a> at around 4AM AEDT Nov. 19. <\/p>\n

At 5:22AM he posted another tweet<\/a>, saying that affected customers will be \u201cappropriately compensated.\u201d This has since been confirmed in a Nov. 24 release<\/a> from Animoca, which stated that details regarding compensation will be announced shortly. <\/p>\n

\u201cWoodz<\/a>,\u201d a Californian project manager for an upcoming NFT project called Terra Obscura<\/a> lost $1000 USD to this attack. They told Cointelegraph they realized they\u2019d been scammed shortly after \u2018minting\u2019 two non-existent NFTs:<\/p>\n

\u201cAs I was doing it, it seemed a bit off. The gas was unusually low and the contract looked different. I knew something was wrong but not sure what.\u201d<\/p><\/blockquote>\n

Woodz added they \u201cdon\u2019t normally just click links,\u201d but fell into the hacker\u2019s trap because of the way the announcement was positioned inside the official announcement channel. <\/p>\n

Related: <\/em><\/strong>Beeple\u2019s Discord compromised, timed to coincide with Christie\u2019s auction<\/em><\/strong><\/p>\n

The attack on Phantom Galaxies comes after a similar recent attack on Nov. 11 involving famed NFT artist, Beeple. Users thought they were signing up for a very affordable NFT drop, timed to coincide with his second Christie\u2019s auction. <\/p>\n

The perpetrator impersonated one of the channel admins and the Beeple Announcements Bot to promote a fake NFT drop from Beeple on Nifty Gateway. Beeple has since removed links to the Discord from his Twitter profile<\/a>, and other links<\/a> to the server no longer appear not to work.<\/p>\n

According<\/a> to an Oct. 21 report by cyber security company RiskIQ, Discord is becoming an increasingly popular platform for cybercriminals. RiskIQ researchers uncovered 27 unique malware types hosted on Discord’s CDN servers. <\/p>\n

In April, Talos Intelligence similarly found that hackers were increasingly using platforms like Discord to take advantage of users who were at home due to global COVID-19 restrictions. <\/p>\n

\u201cAttackers are leveraging collaboration platforms, such as Discord and Slack, to stay under the radar and evade organizational defenses,\u201d it wrote at the time. <\/p>\n<\/div>\n