Users of NFT Marketplace OpenSea report active scammers using the Discord-based support platform to gather information about potential victims.
Fraud within the framework of the cryptocurrency market is so common that it has even become commonplace. Every day, dozens and hundreds of digital asset theft reports come from around the world. However, the most dangerous attackers are not those who steal personal information from your computer/smartphone, but those to whom you personally transfer this data.
Social engineering has been and remains a leader among the tools used by criminals to steal your crypto assets for years. These people present themselves as experienced traders, representatives of various projects, technical support employees and do everything to ensure that ordinary users communicate to them private information with which attackers have access to their cryptoassets.
Some time ago one of the users of NFT Marketplace OpenSea reported the actions of criminals specializing in social engineering on Twitter. Jeff Nicholas complained that, posing as a technical support specialist, the attacker stole all his non-fungible tokens, as well as 4.5 ETH (more than $ 14,000) stored on the wallet.
According to Nicholas, the attackers asked him to share his screen and told him to resync the MetaMask Chrome extension with the MetaMask mobile app.
To synchronize the MetaMask mobile wallet with the Chrome extension, the user must go to the settings menu, which will display the option of synchronization with a mobile phone. After confirming the procedure, the wallet will ask you to enter the password and display the QR code.
After taking screenshots of the above information, any fraudster will have easy access to the victim’s wallet and will be able to dispose of the funds in it, at their discretion.
According to the Data Breach portal, the photographer and assistant professor at Keio University, Sean Bonner, attributes this problem to the fact that instead of establishing a closed channel of communication with technical specialists, OpenSea uses the Discord chat platform to assist customers. According to him, hackers hunt down applications left by users and armed with this information, they pose as representatives of the technical team of the market. There is nothing surprising that people believe in it.
OpenSea product manager Nate Chaysten also responded to the incident. He expressed his condolences to the victim and asked users to contact support through the help center.
Sean Bonner said that in order to ensure that other users are not deceived by attackers posing as the platform’s technical support on Discord, OpenSea should stop providing any kind of advice through this network. He also added : “In addition, they must repayfrom the stolen Ethereum and the market value of the non-fungible tokens to the victim.”
I think cryptocurrencies open up new perspectives for us that I don’t want to miss at all. I try to enrich my skills in this matter and share everything I learn with my followers.
DISCLAIMER
The words and opinions expressed in this article are the sole responsibility of the author and should not be considered as investment advice. Conduct your own research before making any investment decisions.