Menu
Browse

Cyber Incident Victim: OpenSea

Date:

May 2022

Location:

United States of America

Summary

OpenSea's Discord server was compromised, allowing attackers to post false partnership announcements containing links to phishing sites. The company shared a screenshot of the fraudulent posts and its support Twitter account warned users to avoid clicking any links posted in the channel. The incident heightened the risk of phishing scams targeting the marketplace's users.

CIA Posture Motives Tactics, Techniques & Procedures
Available to members 1 motive 1 technique
Threat Actors Type Location
2 actors Available to members Available to members

Description

On Friday morning, May 6, 2022, threat actors gained unauthorized access to OpenSea's official Discord server. They used the compromised channel to post fraudulent announcements claiming partnerships between OpenSea and other projects. The fake messages included a hyperlink directing users to a phishing website designed to harvest credentials or wallet information. OpenSea personnel became aware of the intrusion after observing the malicious posts.

Cyber Incident Image

Later on May 6, OpenSea shared a screenshot of the fraudulent partnership announcement and the accompanying phishing link via its official channels. The OpenSea support Twitter account subsequently confirmed that the Discord server had been breached earlier that morning. In the same communication, the company issued a clear warning to its community, advising users not to click any links posted in the Discord channel and to disregard the partnership claims.

The unauthorized posts heightened the risk of phishing scams targeting OpenSea users, as the fraudulent links could lead to credential theft or unauthorized wallet access. While the article does not detail any confirmed successful compromises, the incident underscored the importance of securing community platforms against account takeover. OpenSea's prompt public acknowledgment and warning aimed to mitigate further exposure and alert users to exercise caution.

Sources
Sources available to members
1 source