Scammers have reportedly found a new way to compromise users’ Discord accounts — including those on servers related to cryptocurrencies and non fungible-tokens (NFTs) — by hijacking QR codes used for logging in.
According to pseudonymous crypto enthusiast Serpent, malicious actors — disguised as Discord’s verified bot called Wick—are now reaching out to users to offer a collaboration, potential employment, or some other enticing opportunities. But there’s a catch — to continue the discussion, scammers ask users to verify via a QR code.
New NFT discord scam going around, this time using QR codes.
Pretty terrible scam, but this is how it works 🧵👇
— Serpent (@SerpentAU) April 4, 2022
This is because Discord has an option to log in using a special QR, bypassing two-factor authentication. In reality, however, “scammers are using Chrome drivers to open the login page, get the QR code image, then send it to the Discord bot, asking people to verify themselves,” Serpent explained.
If a user scans such a code, bad actors can instantly log into their account and snatch their Discord token, a unique series of numbers and letters that is created when people connect to the app. If this happens, users need to reset their passwords as soon as possible.
Why is it dangerous?
While access to a Discord account won’t directly endanger someone’s crypto or NFTs, such security breaches are still dangerous and can enable to all manner of cyberattack vectors.
5/ Thank for coming to my ted talk. Stay safe & stay vigilant, threat actors are everywhere these days and they try to scam us 24/7. Double check everything you see and ask yourself: “Is this safe to click” -K3rnel🤍
— K3rnelPan1c.eth (@Krn3lPanic) March 14, 2022
For example, malicious QR codes can be used to add new—and potentially suspicious—contacts to users’ lists. Further, such codes also allow to connect victims’ devices to the hacker’s network, automatically initiate phone calls as well draft emails and send text messages. Not to mention that such QR codes can reveal users’ locations and initiate fraudulent payments.
Things we can no longer do:
📍open dms on discord
📍scan QR codes
📍click unknown links
📍click on google drive links
📍do art commissions for strangers
📍store nfts on hot wallets
— Ƨ 👁 and 776 others (@stellabelle) April 4, 2022
As CryptoSlate reported, cyberattacks have been picking up steam on Discord lately. Notably, not only regular users but major crypto companies are being hacked as well.
On April 1, for example, the Discord server of the famous Bored Ape Yacht Club NFT collection was compromised by hackers.
STAY SAFE. Do not mint anything from any Discord right now. A webhook in our Discord was briefly compromised. We caught it immediately but please know: we are not doing any April Fools stealth mints / airdrops etc. Other Discords are also being attacked right now.
— Bored Ape Yacht Club (@BoredApeYC) April 1, 2022
At the time, the hacker gained access to the Discord server that hosts Bored Ape Yacht Club, Mutant Ape Yacht Club, and Mutant Ape Kennel Club—all three NFT collections from Yuga Labs.