How it all first started
Just like Money Heist, hackers pulled an NFT heist on Beeple’s Discord channel right before the auction of Human One, his latest creation, at Christie’s.
Mike Winkelmann, popularly known as Beeple, is a digital artist. His journey started on 1st May 2007, when he began posting a new digital art piece online every day, which he kept up for 13 and a half years. Later the pieces were combined into a single digital artwork called Everydays: The First 5000 Days. The Non-Fungible Token (NFT) was sold at Christie’s (the famous auction house) for a whopping $69 million. To put things in perspective, that’s about Rs. 510 cr, which is equivalent to about 1000 Bitcoins. We’d say that’s quite a bit!
Beeple was set for another auction of his masterpiece, Human One, at Christie’s auction house when the nightmare began. Beeple’s Discord channel was compromised and fans were fooled into buying a fake drop from a fake Beeple.
Previously, Beeple had carried out an NFT drop where his NFTs were sold for as little as $1. Fans were expecting a similar drop right around the auction of Human One. Beeple’s Twitter account and Discord channel were being closely watched by fans in anticipation of a drop. However, things did not go quite as planned.
An administrator account on the channel named “Multi” was compromised along with Beeple’s announcements bot. The two heavily promoted a fake NFT drop from Beeple on Nifty Gateway.
Fans had their MetaMask wallets ready and eagerly awaited a signal to pounce on Beeple’s NFT drop. When the impersonators sent the link to Nifty Gateway (an auction platform for non-fungible token art), fans didn’t think twice before they began minting as many NFTs as possible. After minting, the NFTs did not show up in their Nifty accounts. It was a scam! Fans lost as much as 38 ETH, that’s about Rs. 1.3 cr.
Beeple’s Human One eventually sold for $29 million (roughly Rs. 215 crore) at Christie’s, but it was not smooth sailing for Beeple’s fans.
More on scams on Discord/Slack channels
Due to the pandemic, most of our interactions have moved online. Slack and Discord channels have been the biggest platforms for these online interactions. This trend is even more pronounced in the crypto community. It has also opened up avenues for scams.
There are people who are looking into this phenomenon. Cisco’s security division published research that highlighted how these channels have become hotspots for cybercriminals. Criminals usually create trustworthy-looking links and trap you when you click on them. At times, they gain remote access to the infected machines or even steal data from victims. This has become a clear vulnerability for Slack and Discord.
Largely, it’s not a clear security vulnerability in Slack’s or Discord’s channels that gets exploited. It’s the trust that people have come to place in them. People are more likely than before to click on unsolicited links, because we trust the people we interact with on these channels.
The most warned-about exploitation technique is the abuse of their file hosting service. Anyone can upload content to Slack’s or Discord’s servers and create an externally accessible link. Criminals can then send these links by email, and a link to a familiar platform increases the likelihood of people opening it. In many cases these links lead to malicious files that gain remote access using spy tools such as Agent Tesla and Phoenix.
Hackers usually dress them up as crypto mining programs, fake video games or video links. In Beeple’s case, hackers used this technique to compromise the admin’s and the bot’s authentication tokens with malware, giving them the ability to impersonate both.
Slack and Discord are actively trying to make their platforms safe from malicious links, but it’s still best if users are cautious about opening links from people they don’t know.
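As an added illustration of the file-hosting abuse described above (not code from the original article), this Python example shows how a mail filter could flag emailed links that point at Discord or Slack file hosting. The hostnames, extension lists and sample email are assumptions constructed for the example and should be checked against your own traffic.

```python
import re
from urllib.parse import urlsplit, unquote

# Assumption: hostnames that serve user-uploaded files for Discord and Slack.
FILE_HOSTS = {"cdn.discordapp.com", "media.discordapp.net", "files.slack.com"}
# Assumption: extensions a mail gateway treats as executable or container formats.
RISKY_EXT = {"exe", "scr", "msi", "bat", "cmd", "js", "vbs", "ps1", "jar", "lnk", "iso", "zip"}
# Harmless-looking extensions often placed before the real one as a decoy.
DECOY_EXT = {"pdf", "doc", "docx", "txt", "jpg", "png", "mp4"}
URL_RE = re.compile(r"https?://[^\s<>\"')]+", re.IGNORECASE)

def classify_link(url):
    """Return (verdict, reason) for a single URL found in an email."""
    try:
        parts = urlsplit(url)
    except ValueError:
        return ("ignore", "unparseable URL")
    # Exact match on the parsed host, so 'cdn.discordapp.com@other.host' does not pass.
    host = (parts.hostname or "").rstrip(".")
    if host not in FILE_HOSTS:
        return ("ignore", "not a chat file-hosting host")
    filename = unquote(parts.path).rsplit("/", 1)[-1].lower()
    exts = filename.split(".")[1:]
    if exts and exts[-1] in RISKY_EXT:
        if len(exts) > 1 and exts[-2] in DECOY_EXT:
            return ("block", f"double extension hides .{exts[-1]}")
        return ("block", f"risky file type .{exts[-1]}")
    return ("review", "chat-hosted file delivered by email")

def scan_message(body):
    """Return (url, verdict, reason) for every chat-hosted link in the body."""
    findings = []
    for match in URL_RE.findall(body):
        url = match.rstrip(".,;!?")  # drop sentence punctuation after the link
        verdict, reason = classify_link(url)
        if verdict != "ignore":
            findings.append((url, verdict, reason))
    return findings

# Constructed sample email body (not taken from the incident described above).
SAMPLE_EMAIL = """Hi, your free mining tool is ready:
https://cdn.discordapp.com/attachments/111/222/miner_setup.exe
Trailer: https://cdn.discordapp.com/attachments/111/333/trailer.mp4.scr.
Team notes: https://files.slack.com/files-pri/T000-F000/notes.txt
Docs: https://example.com/guide.exe
"""

if __name__ == "__main__":
    print(*scan_message(SAMPLE_EMAIL), sep="\n")
```

Links that only reach the "review" verdict are not necessarily malicious; the point is that a chat-hosted file arriving by email deserves a second look before anyone opens it.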