Polygon suffered a security breach today as hackers took over its community Discord channel for approximately three hours. The breach, which led to scammers infiltrating the channel and targeting users, has now been resolved.
Mudit Gupta, Polygon’s Chief Information Security Officer, confirmed that the team has regained full control of the Discord server and is reverting the changes made by the hacker.
Details of the hack
The breach was first reported when several Polygon users noticed suspicious activity on the Discord channel. Scammers posing as legitimate support agents began flooding the support channel, posting malicious links, and misleading users.
One community member, took to social media platform X to warn others about the situation, highlighting scam links in the announcements channel. The user noted:
“I could see a lot of people asking for help in support and scammers, under the guise of help, misleading them.”
As a result of his efforts to alert the community, he received a timeout from the channel moderators.
In a more severe case, another user, “ValidatorK,” reported losing $150,000 worth of Ether (ETH) after interacting with what appeared to be an official announcement.
The attack raised questions about Polygon’s security measures, despite Gupta claiming that all privileged accounts on the server had two-factor authentication (2FA) enabled.
The timing of the breach was particularly concerning for Polygon, as it coincided with the platform’s ongoing network upgrade. Polygon is scheduled to replace its native token MATIC with the new POL token on September 4.
Rising trend of Discord hacks
Discord channel hacks have become an alarmingly popular avenue for hackers, given its popularity among the crypto community. Since Discord channels are often used to communicate valuable information or manage assets, it has become a lucrative source for cybercriminals.
The hack of Polygon’s Discord channel is the latest among a series of similar attacks. On March 25, 2023, the Arbitrum Discord server was compromised as hackers managed to post a phishing link on the official channel.
On May 5, Gnus.AI, an artificial intelligence network, saw a loss of around $1.27 million following a similar breach of its Discord server.
Source: https://cryptoslate.com/polygon-regains-access-to-discord-server-following-security-breach/