According to tweets from users and security firm PeckShield, OpenSea’s Discord service was hacked to push a fraud.
“We are presently researching a potential vulnerability in our Discord,” said OpenSea. “Please do not click on any links on the Discord.”
The access appears to have been exploited to advertise a phony NFT mint. According to images, a Discord server announcement stated that a mint pass was being issued in partnership with YouTube. It sent users to a page that had the name YouTube but was not the actual YouTube website. The URL has been detected as a phishing site by PeckShield.
In the announcements channel, the hoax message was disseminated. Users can no longer access this channel.
It’s unknown whether any users were affected by the hack or whether any NFTs were lost.
Similar assaults have been reported in the NFT sphere, where Discord servers are frequently hacked to advertise fraudulent prizes. This happened on the Discord server of the Bored Ape Yacht Club. More recently, the Bored Ape Instagram account was hacked to advertise a bogus NFT mint, which raked in $2.8 million in NFTs from unsuspecting users.
OpenSea has been contacted for comment, and we will update this article if we receive a response.