BTC PULSE
  • News
    • Altcoins
    • Blockchain
    • Bitcoin
    • Ethereum
    • NFT
    • Regulation
    • WEB 3.0
  • Price Prediction
  • Learn
  • Events
  • Advertise
No Result
View All Result
Play Now
  • News
    • Altcoins
    • Blockchain
    • Bitcoin
    • Ethereum
    • NFT
    • Regulation
    • WEB 3.0
  • Price Prediction
  • Learn
  • Events
  • Advertise
No Result
View All Result
BTC PULSE
No Result
View All Result
Play Now
Home Blockchain

There is a New Discord Scam Targeting NFT/Metaverse Projects

by Favour Ajibade
Sep 22, 2022 - 12:00 am
in Blockchain
There is a New Discord Scam Targeting NFT/Metaverse Projects

On September 22, 2022, Boring Security tweeted about a new Discord scam that aims to steal authentication tokens from the creators of various NFT and Metaverse projects, using links to real NFT and Metaverse project websites to appear to be a legitimate partnership initiative.

Today, Boring Security released a report on how its founder became the target of the new Discord scam through a seemingly legitimate partnership request with the perpetrator using Everdome as a cover.

🚨🚨NEW SOPHISTICATED SCAM ALERT🚨🚨

Communities are being targeted by putting malicious javascript at the end of known real links to steal discord auth tokens (which results in a full account compromise, with or without 2FA enabled)!

A small 🧵

— Boring Security (@BoringSecDAO) September 22, 2022

According to Boring Security, the new scam targets crypto community servers and crypto project founders using real project website names.

As reported, these scammers act very professionally and solicit partnerships, primarily utilizing upcoming crypto projects from targeted Metaverse and NFT Discord communities from founders and managers.

As the partnership deliberations progress, the scammer tries to convince the targeted project representative to get on a voice call to give a tour of their beautiful website and their Metaverse land, which in this case is another actual project, by clicking on the provided link that contains malicious JavaScript at the end as shown in the picture.

fdpdyfaamam5qul 1
Source: Boring Security

The added javascript code is used to steal the account authentication token from anyone who clicks on the link, ultimately compromising the account, granting them full access to the target account even with two-factor authentication enabled.

During the tour, the targeted Rep or Founder will be asked to test mint land using the Chrome browser, which the site, unfortunately, isn’t minting yet; As a result, it will fail. Based on this, the representative is requested to help them debug the website using the Chrome developer tools.

Then, the representative will be given a small identifier to be pasted in the developer console, which acts as a referral to help them know where the authentication token that was previously sent to them through the JavaScript containing the link that was visited, i.e., the discord server the person owns or serve as an admin.

As stated by plumferno.eth on Twitter, the compromised account can be fixed by changing the password associated with the account. Also, individuals are advised not to use the developer tool unless they know what they are doing.

The good news? It's *very* simple to fix this when it happens. Just change your Discord password! You ARE changing it more than once a month…right? RIGHT?
Please change your passwords ~regularly~! 2FA will NOT stop this from happening (but please use it anyway, server owners!!)

— Plum (@Plumferno) September 22, 2022
Favour Ajibade

Favour Ajibade

Favour Ajibade is a content writer and crypto lover from Nigeria who is passionate about introducing Web3 and cryptocurrency-based technologies to the world through writing. He was first introduced to crypto in 2020 and was immediately intrigued. He is a student biomedical researcher and enjoys spending his free time reading and learning new things.

Related Posts

KamAZ truck containing crypto mining rigs and transformer seized by Russian authorities

Russian Authorities Bust Truck-Based Crypto Mine Draining Village Power

June 14, 2025

Russian officials dismantled a crypto mine inside a truck stealing village power in Buryatia—marking the sixth illegal case...

Huione crypto laundering network continues operating despite FinCEN sanctions, with increasing transaction volume

Huione Crypto Laundering Network Thrives Despite Shutdown and Sanctions, Chainalysis Reports

June 13, 2025

Chainalysis reveals Huione's crypto laundering network remains active and growing post-sanctions, defying shutdown claims and U.S. regulatory action.

FSB Chair Klaas Knot speaks in Madrid on crypto's growing risks

FSB Warns Crypto Nearing ‘Tipping Point’ as Stablecoins Deepen TradFi Ties

June 12, 2025

FSB warns crypto could soon pose systemic risks as ETFs and stablecoins deepen its integration into traditional finance...

Interactive Strength partners with Fetch.ai to launch a $500M AI token treasury

Interactive Strength Launches $500M AI Token Treasury in Landmark Fetch.ai Deal

June 11, 2025

Interactive Strength launches $500M AI token treasury with Fetch.ai, aiming to boost shareholder value and bring decentralized AI...

Press Releases

image2

Could XYZVerse Overtake DOGE and SHIB? Analysts Say $0.003333 Could Explode to $10!

March 30, 2025

XYZVerse aims to outpace DOGE and SHIB, with bold $10 price goals, strong community rewards, and rising demand as it...

image1 1

Massive Institutional BTC Buys Could Launch the Next Bull Market: 5 Altcoins to Watch

March 29, 2025

Institutional Bitcoin buys may trigger a market surge. Five altcoins, including $XYZ, stand to gain—early investors could see major ROI...

image1

XRP Faces Strong Resistance While XYZVerse Gains Early Investor Attention With 10 Billion $XYZ Airdrop

March 28, 2025

XRP struggles at resistance, while XYZVerse grabs early investor attention with a 10B token airdrop and rapid growth toward a...

BTC

Popular Memecoin MEW Pledges $10,000 to Pasadena Humane Organization to Aid Animals Affected by California Wildfires

January 20, 2025

MEW memecoin donates $10K to Pasadena Humane for wildfire-affected animals. Join the mission to aid pets and wildlife in crisis...

View All
BTC-Pulse LogoTransparent

© 2024 BTC-PULSE. Disclaimer: The content is for informational purposes only, you should not construe any such information or other material as legal, tax, investment, financial, or other advice.

News

  • Altcoins
  • Bitcoin
  • Ethereum
  • NFT
  • Regulation
  • WEB 3.0

Info

  • Learn
  • Price Prediction
  • Events
  • Press Releases
  • Sitemap

Company

  • About Us
  • Terms of Service
  • Privacy Policy
  • Contact Us
  • Advertise

©2024 BTC-PULSE – All right Reserved.

No Result
View All Result
  • News
    • Altcoins
    • Blockchain
    • Bitcoin
    • Ethereum
    • NFT
    • Regulation
    • WEB 3.0
  • Price Prediction
  • Learn
  • Events
  • Advertise