Scammer "Soup" makes more than $1 million through Discord hacks

[Image: A Mutant Ape wearing a leather aviator hat with teeth on the brim, with Xs for eyes, with a beer can wrapped in a serpentine tongue, and with leopard print fur. Caption: Mutant Ape #21080, stolen by Soup]
A Canadian named Dan, who goes by "Soup" online, made more than $1 million through various phishing scams targeting Discord projects including those belonging to the Pika Protocol and Orbiter Finance. In one scam, he impersonated crypto journalist Luke Hamilton, trying to convince victims to join a fake Decrypt Discord server so he could steal their credentials.

Soup was exposed by crypto sleuth zachxbt, who also described how the scammer had spent some of his ill-gotten funds on exclusive Roblox items that sell for "high 5 figs".

OptyFi shuts down, citing regulatory threats and failed fundraising attempt

OptyFi, a so-called "AI-powered defi" project, announced it would be shutting down for a variety of reasons. First, they blamed their recent failed token sale, in which they had hoped to raise $600,000. They blamed this failed sale on their Discord project being hacked, and on various community members falling victim to a fake token sale link.

However, they stated that the main reason they decided to shut down the project was the "significant and mounting regulatory challenges", pointing to the recent claim by the BarnBridge defi project that they were under SEC investigation. According to OptyFi, they are concerned that the $OPTY token or OptyFi vault tokens could be deemed securities, or that the OptyFi vaults themselves could be determined to be a "Mutual Fund type vehicle".

OptyFi promised to refund any tokens purchased during the most recent token sale, but many community members still accused the project team of rug pulling. OptyFi had previously raised $2.4 million in a seed funding round in January 2022.

Scammers capitalize on Binance lawsuit fears to pull off Discord phishing scam

Adding insult to injury in Binance's tough couple of days, someone has managed to hijack the Discord vanity URL used by BNB Chain, the blockchain project associated with Binance. The scammers created a fake Discord channel where they have posted a message: "In order to curb the reactionary market's response to patently false SEC accusations, we are hosting a $BNB airdrop on BSC to show our faith in our technology and community!" The scammers urged members to connect their crypto wallets, ostensibly to receive their share of the roughly 100,000 BNB (nearly $30 million) the scammers claimed they'd allocated to the giveaway.

After this was brought to BNB Chain's attention by crypto sleuth zachxbt, they tweeted that they "acted quickly (within 10 minutes) to ban the offending accounts and remove the posts. We've taken steps to secure the server and protect against any further abuse." However, less than an hour later they put out a new tweet announcing that the URL had been hijacked to redirect to a new server.

"This is a scam, and if you connect your wallet, you will lose your funds. Please exercise caution until we are able to confirm a resolution", they wrote.

Arbitrum airdrop plagued by downtime, bugs, and scams

A token airdrop from the popular Arbitrum Ethereum L2 illustrated many of the challenges with airdrops: events where tokens are automatically distributed to a group of crypto wallets, in this case based on how much they had used the platform. The tokens will ultimately be used for community voting on protocol changes, but also have value on the secondary market. Users were eager to snap them up, particularly amid speculation that the price could reach $10/token (as yet it has not, remaining around $1.38).

However, the airdrop had a bumpy start, with scammers latching on to the event to proliferate fake airdrop websites. Phishers reportedly scammed more than 10,000 people using these schemes. At one point, Twitter even suspended the real Arbitrum Twitter account after mistaking it for one of the many phishing accounts. Attackers also compromised a Discord account belonging to an Arbitrum developer, using it to post a phishing link to the official Arbitrum Discord server.

Then, when the time for the airdrop came, the token claiming website crashed under the traffic, as did the Arbitrum block explorer. Those who were able to claim their tokens paid exorbitant gas fees, and some wallets attempting to estimate required gas fees malfunctioned, showing estimates in the billions of dollars.

Finally, the airdrop was widely gamed by people commandeering hacked vanity addresses to receive the airdrop tokens allocated to them, with at least $500,000 worth of tokens reportedly claimed by one attacker. Other attackers scrambled to compete with one another to claim tokens allocated to compromised wallets whose private keys had been shared publicly on GitHub and elsewhere, trying to be the first to siphon the funds. Two additional exploiters siphoned a combined total of more than 1 million ARB tokens from other wallets. One sold them for 713 ETH ($1.27 million); the other transferred the ARB tokens to other wallets.

At least 101 NFT Discord servers compromised in July

[Image: A fluorescent green skull with blond hair, a piece of cheese floating above its head, a rainbow connecting its eye sockets, and padded armor. Caption: Tasty Bones' Discord was hacked twice in July]
I've largely stopped covering crypto Discord compromises because they occur so frequently it would drown out everything else. OKHotshot has been keeping count, though, and according to them, at least 101 servers have been compromised in the month of July. Four of the projects — EY3KON, Tasty Bones, Universe by Barnabe, and Angry Dinos — were each compromised twice in that month.

Lacoste Discord among the latest to be hacked

So, apparently polo shirts have NFTs now. Fashion brand Lacoste's NFT project is titled "Undw3", which is apparently supposed to be pronounced "underwater" — I guess if you say the 3 in French it sort of sounds like the English... word... "underwater"... anyway. The Discord for that NFT project was one of the latest to be hacked in a string of Discord hacks so prolific that I've basically stopped reporting on them individually. Like many recent Discord hacks, this one was accomplished by compromising a moderator's account. The account was then used to post a fake mint link, and users who signed the transaction approval found their assets transferred to the attacker.

Since the last post about an NFT project having its Discord compromised, five days ago, we've seen at least fifteen more projects suffer the same: Clyde, Good Skellas, Duppies, Oak Paradise, Tasties, Yuko Clan, Mono Apes, ApeX Club, Anata, GREED, CITADEL, DegenIslands, Sphynx Underground Society, FUD Bois, and Uncanny Club.

Known Origin is the latest project to have their Discord compromised

The Discord server for Known Origin, a fairly major NFT platform, was compromised. The scammer used their access to advertise a fake free NFT mint, which actually would steal NFTs if a user tried to connect their wallet.

This is the latest in a long string of Discord compromises. Other hacked servers in recent days included those for Curiosities, Meta Hunters, Parallel, Goat Society, RFTP, and Gooniez.

A wave of Discord moderator account hacks impacts multiple NFT-related servers

The June 4 compromise of the Bored Apes Discord was only one of several Discord hacks over a span of several days. All the attacks appeared to involve user accounts of individual moderators being compromised and used to post fake announcements that lured users of the server to phishing sites that stole NFTs. Discord servers for Yung Ape Squad, Apocalyptic Apes, Bubbleworld, and Aiternate were among the projects affected.

The Apocalyptic Apes Discord attackers stole around 21 NFTs. Bubbleworld attackers stole 171 NFTs, with combined floor prices amounting to around $243,000.

Bored Apes Discord compromised again, 32 NFTs stolen and flipped for $360,000

[Image: Phishing message from Bored Apes Discord]
Scammers were able to compromise the Discord account of a Bored Apes community manager, then use it to post an announcement of an "exclusive giveaway" to anyone who held a Bored Ape, Mutant Ape, or Otherside NFT. When users went to mint their free NFT, the scammers were able to steal their pricey NFTs. The scammer quickly flipped the stolen NFTs for a total of around 200 ETH (about $360,000), then began transferring funds to Tornado Cash.

The Bored Apes Discord was also compromised on April 1, along with those of several other big-name NFT projects.

Fake minting links distributed after several large NFT Discord servers are compromised

Members of several large NFT Discord servers began seeing suspicious-looking messages announcing supposed NFT mints that turned out to be fakes. Affected communities appeared to include Moonbirds/PROOF, Axie Infinity, RTFKT, Memeland, Alien Frens, and others. The attack appeared to involve a Discord bot called MEE6, though there was some confusion around whether there was a compromise of MEE6 itself or if it was simply used in the attack. The following day, MEE6 acknowledged that an employee account had been compromised.

Bot compromises have emerged as a wide attack vector in crypto and web3 communities, as widely-used bots can have elevated permissions across Discord channels used as official information sources across many communities.
