On September 22, 2022, Boring Security tweeted about a new Discord scam that aims to steal authentication tokens from the creators of various NFT and Metaverse projects, using links to real NFT and Metaverse project websites to appear to be a legitimate partnership initiative.
Today, Boring Security released a report on how its founder became the target of the new Discord scam through a seemingly legitimate partnership request with the perpetrator using Everdome as a cover.
According to Boring Security, the new scam targets crypto community servers and crypto project founders using real project website names.
As reported, these scammers act very professionally and solicit partnerships, primarily utilizing upcoming crypto projects from targeted Metaverse and NFT Discord communities from founders and managers.
During the tour, the targeted Rep or Founder will be asked to test mint land using the Chrome browser, which the site, unfortunately, isn’t minting yet; As a result, it will fail. Based on this, the representative is requested to help them debug the website using the Chrome developer tools.
As stated by plumferno.eth on Twitter, the compromised account can be fixed by changing the password associated with the account. Also, individuals are advised not to use the developer tool unless they know what they are doing.