In Brief:
- Twitch Co-Founder Justin Kan’s NFT startup’s discord got hacked.
- Scammers stole 862 SOL($150k) from 373 of the channel’s users.
- Fractal team will refund the users who lost their holdings.
Twitch Co-Founder Justin Kan’s Fractal NFT startup became the latest victim of scammers. Fractal NFT project’s discord got hacked, and crypto worth $150,000 was stolen.
A scammer hijacked the startup’s Discord announcement bot, which sent out a fake link to the platform’s over 100,000 members, encouraging them to pay for a new NFT.
The scammer message offered users access to 3,333 celebratory NFTs to honor the platform’s success, but the link was a distorted URL that substituted an I for an “l,” in fractaI.is.
The majority of Discord members immediately recognized the message as a scam, but some who were eager to participate in the NFT drop went ahead and clicked on the site’s “mint” button, which required 1 SOL to mint each NFT.
When users connected their Solana wallets, their entire accounts were emptied.
Regardless of the fact that the Fractal team shut down the announcements channel altogether within only 5 to 10 minutes, 373 users were still hacked, losing approximately 862 SOL worth around $150,000.
Fractal is a new NFT project that specializes in the purchase and sale of NFTs that represent in-game assets. It was unveiled in December and soon grew to a Discord community of over 100,000 participants.
According to a tweet from the official Fractal account, the fake message was sent to Discord using a webhook. Webhooks are a web application design element that allows an application to listen for a message sent to a specific URL and respond by initiating an event.
Fractal has issued an official statement to the attack, stating that anyone who was a victim of the scam will be completely compensated and that only 0.3 percent of its users fell for the scam.
Fractal has contacted Discord Trust and Safety to do a comprehensive audit of its Discord security. The team also used this as a warning to its followers to exercise caution while dealing with cryptocurrency.
As written in the statement, “If something doesn’t feel right in crypto, please don’t proceed, even if at first it looks legitimate. We must use our best judgement as there’s no ‘undo button’ in crypto.”
Despite the fact that the Discord bot’s post was a hoax, Fractal’s official Twitter account had just hours earlier tweeted about a forthcoming airdrop. The team warned later that the next exploit might be much larger, and that Fractal may not be able to compensate for future losses.
