Discord Crypto Scams: Hackers Impersonate Friends to Steal Funds
Discord Communities Under Attack: The Rise of Impersonation Scams
Crypto users are facing a growing threat on Discord: scammers posing as trusted friends to steal funds and NFTs. This tactic, often referred to as the "try my game" scam, leverages social engineering and malware to target unsuspecting individuals.
Update Sept. 1, 11:30 pm UTC: This article has been updated to include information from Halborn’s chief information security officer.
Last month, NFT artist Princess Hypio reported losing $170,000 in crypto and NFTs after a scammer tricked her into playing a game on Steam. While she played, the attacker secretly stole her funds and hacked her Discord account. Three of her friends were targeted using the same method.
How the "Try My Game" Scam Works
The scam begins with a hacker infiltrating a Discord server, observing user interactions, and building trust. They then identify potential targets, often inquiring about their crypto or NFT holdings. In Princess Hypio's case, her ownership of a Milady NFT made her a target.
The attacker invites the victim to play a game, sending a link to a malicious server containing Trojan malware. This malware grants the attacker access to the user's device, enabling them to steal personal information and drain connected crypto wallets.
Princess Hypio was convinced to download a game on Steam. While the game itself was safe, the server hosting it was compromised. This led to her substantial financial loss.
Discord recently released a deceptive practices policy explainer, highlighting that financial scams violate the platform's terms of use.
Nick Percoco, Kraken’s chief security officer, noted that these scams exploit trust rather than code vulnerabilities. "Attackers impersonate friends and pressure people into taking actions they normally would not take," he said.
“The biggest vulnerability in crypto is not code, it is trust. Scammers exploit community spirit and curiosity to take advantage of good intentions.”
Gabi Urrutia, chief information security officer at Halborn, described the scam as a combination of social engineering and malware, emphasizing its insidious nature due to the "abuse of trust among members of a community."
“The key here is the psychological manipulation: the attacker starts to be part of the community, learns the slang and introduces himself as a friend of a friend.”
Beyond Crypto: A Growing Trend
Reports of similar scams targeting gamers have surfaced on forums like Malwarebytes and Reddit, indicating the tactic is spreading beyond the crypto space.
Percoco advises users to maintain "healthy skepticism," verify identities through alternative channels, avoid running unknown software, and remember that "doing nothing is safer than taking a risky step."
“If something feels rushed, generous, or too good to be true, it almost always is. Do not trust, verify.”
Urrutia recommends specific security habits, such as thinking before signing anything, minimizing privileges, and avoiding using the same device for both gaming and wallet management. He also stresses the importance of community-driven security measures, such as limiting direct messages from strangers and verifying new members.
The Growing Threat of Fake Recruitment Campaigns
While Discord scams are rising, Percoco highlights that fake recruitment campaigns are a more widespread issue in the crypto space. These campaigns lure victims with job offers and trick them into clicking phishing links.
In a recent case, a North Korea-aligned threat actor targeted crypto job seekers with malware designed to steal passwords for crypto wallets and password managers.
Urrutia noted that the largest volume of scams Halborn is seeing involves blind signing and approval phishing, all aimed at tricking users into voluntarily handing over their keys.
To safeguard against such scams, consider utilizing blockchain security platforms like Codeum for smart contract audits and KYC solutions, enhancing the overall security posture of your project and community.