TL;DR
- Avalanche and ZKsync Discords Compromised: Following a similar breach on Polygon’s Discord, the official servers of Avalanche and ZKsync were compromised, raising significant security concerns within the crypto community.
- Fraudulent Token Schemes: Attackers posted deceptive links on both servers, falsely promising free AVAX and ZK tokens to users, aiming to trick them into clicking malicious links.
- Ongoing Security Efforts: Both Avalanche and ZKsync teams are actively working to resolve the breaches and secure their servers, emphasizing the need for heightened vigilance and security measures in the crypto space.
The official Discord servers of Avalanche and ZKsync were compromised, following a similar breach on Polygon’s Discord. These incidents have raised significant security concerns, highlighting the vulnerabilities within popular communication platforms used by crypto projects.
Avax discord looking sus…disabled chat in all channels and an announcement about “claiming Avax from the foundation”
My advice?
…don’t click anything in that discord for a while… pic.twitter.com/x9MLy4vPeX
— Stog Chog🔺 (@stogchog) August 25, 2024
On August 25, Avalanche’s official account on X announced that its Discord server had been compromised. The attackers posted links to fraudulent “distribution” schemes, falsely promising free AVAX tokens to holders and community members.
Screenshots shared by Avalanche Discord members revealed these malicious links, which were designed to deceive users into believing they could claim free tokens. Shortly after the Avalanche incident, the ZKsync Discord server was also compromised.
Cybercriminals have shared misleading links advertising a fraudulent “round 2 airdrop” initiative, misleading users with false promises of free ZK tokens. Although ZKsync has yet to release an official statement regarding the incident on X, multiple team members have confirmed the breach on Discord.
Avalanche and ZkSync’s Response and Resolution
Avalanche’s community lead, Ben Well, confirmed that the team had identified and resolved the issue, and efforts were underway to restore normalcy on the server. Similarly, ZKsync’s team members have been working to address the breach and secure their servers.
These attacks on Avalanche and ZKsync closely followed the compromise of Polygon’s official Discord server, where hackers disseminated malicious links. Polygon’s CISO, Mudit Gupta, confirmed the breach and advised users to refrain from clicking on any links until the issue was fully resolved.
Crypto Market Implications
Polygon’s MATIC and ZkSync’s ZK tokens are trading at a loss, dropping between 3% and 1% in the last 24 hours, respectively. However, Avalanche’s AVAX is trading at a small gain of .08% in the time time frame.
Broader Implications
The recent breaches of Polygon, Avalanche, and ZKsync’s Discord servers highlight a concerning trend of high-profile security incidents within the crypto community.
On March 25, 2023, CertiK uncovered a phishing scam on Arbitrum’s Discord, where attackers used a compromised developer account to distribute a malicious link. Similarly, on May 5, the Gnus.AI network experienced a Discord-related exploit, leading to a $1.27 million loss.
Users are urged to exercise caution and verify the authenticity of any links shared within Discord servers. The recent compromises of Avalanche and ZKsync’s Discord servers, following the Polygon breach, have sparked significant security concerns.
As the crypto community grapples with these challenges, it is crucial to prioritize security and safeguard against such malicious attacks.