The biggest non-fungible token (NFT) marketplace is without a doubt OpenSea. Today it was announced that the official Discord channel of the marketplace has been taken over by hackers. They then tried to steal the valuable belongings of innocent victims by sharing phishing links.
NFT phishing
An announcement was made on the hacked Discord channel that OpenSea would have entered into a partnership with YouTube. A link was then posted that took users to a fake website. There would be a so-called “Mint Pass” available to users that could give them extremely interesting benefits. Obviously this was complete nonsense and was nothing more than phishing.
“We’ve partnered with YouTube to bring their community into the NFT Space, and we’re releasing a mint pass with them that allows holders to mint their project for free, along with getting other insane utilities for holding it. ”
🚨 OPENSEA DISCORD HAS BEEN HACKED pic.twitter.com/7lePPC99fa
— Serpent (@Serpent) May 6, 2022
The hacker states that only 100 free coin cards will be available for distribution. After the first message, the hacker modified the discord to indicate that 80% had already been sold. It is still unknown how many people have been caught in this form of scams.
Response from OpenSea
Of course, a real partnership with YouTube would be big news, but OpenSea has never officially announced anything like that. When OpenSea was notified of the hack of their Discord channel, they released a message on Twitter. They warned users on Discord and advise not to click on any links.
In the meantime, the channel has also been taken off the air and is no longer visible to Discord users.
We are currently investigating a potential vulnerability in our Discord, please do not click on any links in the Discord.
— OpenSea Support (@opensea_support) May 6, 2022
It is not the first time that a Discord channel of a major NFT platform has been taken over by hackers. a while back also became the Discord channel of the Bored Ape Yacht Club hacked. Even then, the hackers’ target appeared to be phishing user data.