The hackers flooded the support channel with scam links while masquerading as helpful agents.
Following a three-hour hack, hackers successfully reclaimed Polygon’s Discord server by targeting the project’s community channel.
The infiltration, which involved scammers posing as support agents and disseminating malicious links, has now been resolved, confirmed Mudit Gupta, the Chief Information Security Officer at Polygon.
Polygon Community Members Detect Unusual Activities
Members of the Polygon community noticed strange activity on the channel, which led to the discovery of the incident.
Posing as helpful agents, the hackers inundated the support channel with links to scams.
A Polygon Discord user used the social media site X to notify other users of the possible security breach.
He detailed the dishonest tactics used in the support channel and shared the dubious links that were posted in the announcement channel.
PSA: Do not click on any links in the @0xPolygon community discord until further notice.
— Mudit Gupta (@Mudit__Gupta) August 24, 2024
It has been compromised and we're trying to get back ownership.
However, some users have already been affected by the breach. A user going by the handle “ValidatorK” reported losing $150,000 in Ether (ETH) after acting on what appeared to be an official announcement.
Despite Gupta’s guarantee that two-factor authentication (2FA) was activated for all privileged accounts, the breach not only exposed important assets but also raised questions about Polygon’s security procedures.
The hack happened as Polygon was getting ready to upgrade its network and switch from its native token, MATIC, to a new token, POL, which would go live on September 4.
Discord hacks are becoming more and more problematic, especially in the cryptocurrency community where Discord is the main platform for communication.
These channels have developed into hotspots for cybercriminal activity because they are frequently stores of vital data and asset management tools.
Earlier this year, similar incidents were reported with other prominent crypto platforms.
A phishing link was inserted into the official channel of Arbitrum Discord on March 25th thanks to a hack that took place on the server.
On May 5, there was news of another breach in which a hack into Gnus.AI’s Discord server resulted in a loss of about $1.27 million.
Illicit Crypto Transactions Drop in 2024
Even though certain categories of criminal activity within the cryptocurrency space increased, a recent Chainalysis report showed a decrease in overall illicit cryptocurrency transactions in 2024.
Hacking and ransomware attacks are becoming more common, according to a report released on August 15 as part of the mid-year crypto crime update.
Two categories, in particular – stolen funds through hacking and ransomware attacks – have seen an uptick.
The total value of cryptocurrency theft by the end of July was $1.58 billion, an 84% rise over the same period in 2023.
The average amount taken per hack increased significantly, even though the number of hacking incidents increased by only 2.8% year over year.
Through 16 different breaches, hackers took about $266 million in July alone, causing significant losses for the cryptocurrency industry.
The attack on the Indian cryptocurrency exchange WazirX on July 18 is noteworthy. Of the total losses for the month, over $230 million, or 86.4%, were attributable to the attack alone.