OpenSea, the popular marketplace for non-fungible tokens (NFT) projects, has reportedly fallen victim to a hack in which attackers are promoting a scam within OpenSea’s Discord servers.
“We are currently investigating a potential vulnerability in our Discord, please do not click on any links in Discord,” OpenC tweeted on Friday.
Inside OpenSea’s Discord server, the support team has issued similar statements. Members of a specific channel also shared screenshots of this specific scam for reporting server-side scams. Screenshot showing an OpenSea bot announcing that “YouTube is officially partnering with [OpenSea] To bring our community into the NFT arena.”
Security firm PeckShield also reported on the issue, saying that OpenC’s Discord servers have been used to promote the scam NFT Mint.
As per screenshot shared by another twitter userThe hackers posted an announcement regarding the NFT Mint Pass offered in partnership with YouTube.
PeckShield has identified the link in the announcement channel as a phishing site. It is not immediately clear whether any users have been victims of the attack.
decrypt Reached out to both OpenSea and PeckShield for more comments on the matter and will update this story accordingly should we hear back.
Exploits Targeting NFTs
This is not the first time hackers have targeted Discord servers related to NFTs.
Last month, the Bored Ape Yacht Club (BAYC) Discord channel was compromised by a phishing attack, resulting in ApeCoin, the governance token for the Bored Ape community, dropping more than 8%.
Later in the same month, BAYC’s official Instagram account was also compromised as users who were caught in the scam had their NFTs stolen.
The best of Decrypt straight to your inbox.
Get daily, weekly roundups of top stories and deep dives straight to your inbox.