Cyber Incident Victim: OpenSea
Date:
May 2022
Location:
United States of America
Summary
OpenSea's Discord server was compromised, allowing attackers to post false partnership announcements containing links to phishing sites. The company shared a screenshot of the fraudulent posts and its support Twitter account warned users to avoid clicking any links posted in the channel. The incident heightened the risk of phishing scams targeting the marketplace's users.
| CIA Posture | Motives | Tactics, Techniques & Procedures |
|---|---|---|
| Available to members | 1 motive | 1 technique |
| Threat Actors | Type | Location |
|---|---|---|
| 2 actors | Available to members | Available to members |
Description
On Friday morning, May 6, 2022, threat actors gained unauthorized access to OpenSea's official Discord server. They used the compromised channel to post fraudulent announcements claiming partnerships between OpenSea and other projects. The fake messages included a hyperlink directing users to a phishing website designed to harvest credentials or wallet information. OpenSea personnel became aware of the intrusion after observing the malicious posts.

Later on May 6, OpenSea shared a screenshot of the fraudulent partnership announcement and the accompanying phishing link via its official channels. The OpenSea support Twitter account subsequently confirmed that the Discord server had been breached earlier that morning. In the same communication, the company issued a clear warning to its community, advising users not to click any links posted in the Discord channel and to disregard the partnership claims.
The unauthorized posts heightened the risk of phishing scams targeting OpenSea users, as the fraudulent links could lead to credential theft or unauthorized wallet access. While the article does not detail any confirmed successful compromises, the incident underscored the importance of securing community platforms against account takeover. OpenSea's prompt public acknowledgment and warning aimed to mitigate further exposure and alert users to exercise caution.
