On March 25, bad players in the crypto space launched a malicious attack weakening Discord server security protocols to lure investors into purchasing a fake digital asset. The exploit was launched on the vulnerable Discord server of the Arbitrum (ARB) system to enable the hackers to update a phishing link on the network.
The suspicious link allowed the user to stake on the Arbitrum networks. The link deceived the users into revealing their confidential information, including usernames and passwords.
Discord Server Hacked
Following the malicious attack, the Discord team launched an internal and external investigation to address the security breach. Based on a report from Web3 security firm CetriK the hackers shared misleading information on the Discord server platform to commit fraud.
CetriK statements were supported by one of the developers on the Discord platform whose account was used by the hackers to mislead the investors on staking services available on the Arbitrum DAO Governance.
The CetriK team revealed that the developers who fell into the hackers’ trap used the phishing link to reclaim extra stakes in the DAO governance. The hackers had notified the Discord community that the system experienced technical issues during the first token claim.
The probing team observed that the link shared by the hacker was inaccurate after finding an omission of words on the URL. The hackers used “Arbtirum” instead of “Arbitrum.”
Impact of the Discord Hack
Per the report, the affected victims lamented that the suspicious link redirected them to a fake website named Astaghfirullah, an Arabic word. They revealed that at the new website, they were instructed to provide personal information such as private keys and digital wallet logins, among other sensitive data, to access services.
An official announcement from the Discord team alerts investors and developers on the rise of crypto crimes. The report urges investors to remain vigilant on suspicious crypto activities. The investors should avoid interacting with information from unknown sources, including links or suspicious files.
Also, the Discord team has encouraged users to abide by the company authentication procedures to safeguard their confidential information. The March 25 hack has compelled the Discord team to develop robust security measures to protect user interest.
The probing team has advised the Discord team to invest in improving the existing cyber security protocols. The team has also been encouraged to review the security measures regularly.