Last month, some users of the leading NFT marketplace OpenSea fell victim to a phishing attack that claimed around $1.7 million worth of digital collectibles. Malicious actors have now moved over to the recently-launched Rare Bears NFT project, with users losing NFTs and other cryptocurrency assets worth around $790,000 in a phishing attack.
The Rare Bears team revealed that the hacker took advantage of the weakened security in its Discord group to spread a phishing link.
The NFT collection, which consists of 2,400 cartoon-themed bears on Ethereum, was created by New Zealand-based digital “Enox” and only went public last week.
A screenshot posted by a user on Twitter showed what seemed to be a bogus message from an imposter disguised as a Discord administrator named Zhodan.
The message from the hacker, which contained a link to a scam website, implied that a new NFT mint was under way. It enticed members with news of an additional 1,000 NFTs being added to the collection at a mint price of 0.1 ETH ($280).
According to security firm PeckShield, the bogus website hosted a malicious smart contract that gave the hacker control over unsuspecting victims' wallets after any form of interaction. Through this avenue, the hacker made away with 179 NFTs along with other assets belonging to everyone involved in the mint.
Subsequently, the hacker started transferring the loot to their Ethereum address at about 7:34 PM UTC on Wednesday, where the NFTs were sold one at a time for a total of about 286 ETH (approximately $790,000).
A majority of the sum (213 ETH) was dispersed through mixing service Tornado Cash while the remaining 72.3 ETH was sent across three wallets, probably under the hacker’s control.
Many other high-value items from popular collections like CloneX, Azuki, mfer, 3landers, and Sandbox were among the assets stolen.
Rare Bears suggests that a hacked device might have been responsible for the heist. It is still unclear how the Discord was compromised.
Attacks targeting NFT holders like this have become more prominent on Discord. Last year, a hacker stole $340,000 worth of Ethereum from the Creature Toadz NFT project using a phishing link, only to return it to his victims.