Layer-1 network Avalanche and layer-2 blockchain ZKsync’s official Discord servers have also been hit with exploits less than 48 hours after the Polygon’s Discord was compromised.
In an Aug. 25 post to X, the official account for Avalanche shared that its Discord server had been compromised and urged users not to interact with or click on any links.
According to screenshots shared by members of the Avalanche Discord on X, the attackers posted several links to sham “distribution” schemes for Avalanche (AVAX) tokens, claiming that holders and community members could claim free AVAX.
Screenshot of a sham link from Avalanche’s Discord server. Source: X
An hour later, Avalanche’s community lead, Ben Well, wrote that the Avalanche team had “found” the issue and resolved it. He added that the team was working to restore the server to normal.
However, only one hour after the Avalanche exploit, the official Discord of the ZkSync was also reportedly compromised.
Hackers once again shared malicious links to a sham “round 2 airdrop” scheme, promising users free ZK tokens.
Source: HammerToesKnows
ZkSync has not addressed the exploit on X however several of ZkSync’s team members have made note of the compromise on Discord.
The attack on Avalanche and zkSync came less than 48 hours after the official Discord for Polygon was compromised in a similar manner, with hackers sharing malicious links throughout the server.
Polygon’s chief information security officer Mudit Gupta, confirmed the breach and urged users to avoid clicking on any links shared within the Discord channel until the situation is fully resolved.
Related: Discord crypto trading bot shuts down after ‘critical exploit’
One user, ValidatorK, reported a loss of $150,000 worth of Ether (ETH) following an interaction with what appeared to be an official announcement on Polygon’s Discord channel.
The recent attacks add to a growing roster of similar Discord exploits.
On March 25, 2023, blockchain security firm CertiK revealed a phishing scam circulating on the Arbitrum Discord server. The scam — believed to have been orchestrated through a hacked developer account — involved a fake announcement containing a malicious link.
Similarly, on May 5, the Gnus.AI artificial intelligence network fell victim to a Discord-related exploit, resulting in a loss of approximately $1.27 million.
Web3 Gamer: Axie Infinity creator wants to ditch Discord, SocialFi boosts gaming revenue