AUS
NZ
UK
CA
USA
IND
Over the weekend, several high-profile blockchain projects experienced similar security breaches on their Discord servers, involving fraudulent token distribution schemes.
The official Discord servers for {Avalanche} AVAX and ZKSync were compromised within 48 hours of a similar attack on Polygon’s Discord. On August 25, Avalanche’s official account warned users not to engage with or click on any links following the breach. Screenshots from Avalanche's Discord revealed attackers posting links to fake token distribution schemes, purported to offer free AVAX tokens. Avalanche’s community lead, Ben Well, confirmed that the issue had been identified and resolved, with efforts underway to restore the server.
Shortly after the Avalanche incident, ZKSync’s official Discord also fell victim to a breach. Hackers disseminated malicious links claiming to offer free ZK tokens through a fake “round 2 airdrop” scheme. Although ZKSync has not yet addressed the exploit publicly, several team members have acknowledged the issue on Discord.
These attacks followed a similar breach on Polygon’s Discord less than 48 hours prior. Polygon’s chief information security officer, Mudit Gupta, confirmed the attack and advised users to avoid clicking on any links until the situation was resolved. One reported victim, ValidatorK, experienced a loss of Ether after interacting with a seemingly legitimate announcement on Polygon’s Discord.
This string of attacks highlights a troubling trend of Discord exploits within the blockchain community. On March 25, 2023, blockchain security firm CertiK reported a phishing scam targeting the Arbitrum Discord server, involving a fake announcement with a malicious link. Similarly, on May 5, the Gnus.AI artificial intelligence network faced a Discord-related exploit that resulted in significant financial losses.
These incidents underscore the need for heightened vigilance and security measures within the blockchain community to safeguard against such phishing schemes and attacks.
