Menu

  • Alerts
  • Incidents
  • News
  • APTs
  • Cyber Decoded
  • Cyber Hygiene
  • Cyber Review
  • Cyber Tips
  • Definitions
  • Malware
  • Threat Actors
  • Tutorials

Useful Tools

  • Password generator
  • Report an incident
  • Report to authorities
No Result
View All Result
CTF Hack Havoc
CyberMaterial
  • Education
    • Cyber Decoded
    • Definitions
  • Information
    • Alerts
    • Incidents
    • News
  • Insights
    • Cyber Hygiene
    • Cyber Review
    • Tips
    • Tutorials
  • Support
    • Contact Us
    • Report an incident
  • About
    • About Us
    • Advertise with us
Get Help
Hall of Hacks
  • Education
    • Cyber Decoded
    • Definitions
  • Information
    • Alerts
    • Incidents
    • News
  • Insights
    • Cyber Hygiene
    • Cyber Review
    • Tips
    • Tutorials
  • Support
    • Contact Us
    • Report an incident
  • About
    • About Us
    • Advertise with us
Get Help
No Result
View All Result
Hall of Hacks
CyberMaterial
No Result
View All Result
Home Incidents

Discord Crypto Communities Targeted

May 30, 2023
Reading Time: 2 mins read
in Incidents

 

In the past month, several Discord communities focused on cryptocurrency have fallen victim to hacking incidents due to a sophisticated phishing attack. The attackers tricked community administrators into running malicious Javascript code disguised as a Web browser bookmark. The attack involved luring victims through interview requests from individuals posing as reporters from crypto-focused news outlets.

Victims were directed to fraudulent Discord servers for identity verification, where they were asked to complete a verification step that involved dragging a button to their browser bookmarks. Unbeknownst to the victims, this action added a snippet of malicious Javascript that stole their Discord tokens. The attackers then used the compromised administrator accounts to post announcements about fraudulent money-making opportunities, while banning and deleting messages from anyone who questioned the scam.

Nicholas Scavuzzo, an associate at Ocean Protocol, shared his experience where an Ocean Protocol Discord server administrator clicked on a phishing link, resulting in the compromise of their account. Despite having multi-factor authentication enabled, the attackers used a CAPTCHA bot to gain access to the administrator’s Discord cookies.

This allowed them to hijack the account and carry out unauthorized activities, such as promoting a fake Ocean airdrop. Although Ocean Protocol managed to mitigate the attack, changing the server’s access controls and removing team members, other Discord communities like Aura Network and Nahmii also reported similar compromises with fake airdrop campaigns being disseminated.

A cybersecurity industry source engaged in Discord security work encountered one of the fake journalist scams and obtained information about the scammers. The source discovered that a user with the “CEO” role in a fake Cryptonews Discord was associated with another username, “Levatax,” which led them to a Turkish coder named Berk Yilmaz.

However, Yilmaz denied involvement in the schemes, stating that his Microsoft Outlook account had been hacked, disconnecting him from Discord. This incident highlights the use of a malicious verification method involving bookmarklets, which store Javascript code as clickable links in the bookmarks bar. It is crucial for users to exercise caution and refrain from adding or dragging any bookmarks or bookmarklets to their browser unless they initiated the action themselves.

Reference:
  • Discord Admins Hacked by Malicious Bookmarks

Tags: CryptocurrencyCyber incidentCyber Incidents 2023CyberattackDiscordJavascriptJune 2023
ADVERTISEMENT

Related Posts

Morrisroe UK Company Hit By Cyber Attack

Boyd Gaming Reports Data Breach After Attack

September 24, 2025
Morrisroe UK Company Hit By Cyber Attack

Morrisroe UK Company Hit By Cyber Attack

September 24, 2025
Morrisroe UK Company Hit By Cyber Attack

GeoServer Flaw Breaches US Agency Network

September 24, 2025
Cyberattack Hits Europe Airport Systems

Cyberattack Hits Europe Airport Systems

September 22, 2025
Cyberattack Hits Europe Airport Systems

Ransomware Gang Hacks Spartanburg County

September 22, 2025
Cyberattack Hits Europe Airport Systems

Steam Game Steals Streamer Donations

September 22, 2025

Latest Alerts

Hackers Target AWS and Steal Credentials

SonicWall SMA100 Update Removes Rootkit

BadIIS Malware Spreads Via SEO Poisoning

SonicWall Warns Reset After Exposure

Infostealer Hits macOS Users Widely

FBI Issues Warning on Spoofed IC3 Website

Subscribe to our newsletter

    Latest Incidents

    Boyd Gaming Reports Data Breach After Attack

    Morrisroe UK Company Hit By Cyber Attack

    GeoServer Flaw Breaches US Agency Network

    Steam Game Steals Streamer Donations

    Ransomware Gang Hacks Spartanburg County

    Cyberattack Hits Europe Airport Systems

    CyberMaterial Logo
    • About Us
    • Contact Us
    • Jobs
    • Legal and Privacy Policy
    • Site Map

    © 2025 | CyberMaterial | All rights reserved

    Welcome Back!

    Login to your account below

    Forgotten Password?

    Retrieve your password

    Please enter your username or email address to reset your password.

    Log In

    Add New Playlist

    No Result
    View All Result
    • Alerts
    • Incidents
    • News
    • Cyber Decoded
    • Cyber Hygiene
    • Cyber Review
    • Definitions
    • Malware
    • Cyber Tips
    • Tutorials
    • Advanced Persistent Threats
    • Threat Actors
    • Report an incident
    • Password Generator
    • About Us
    • Contact Us
    • Advertise with us

    Copyright © 2025 CyberMaterial