Polygon Discord compromise spreads on the avalanche and ZKSync

• The Discord server of Avalanche and ZKSync were compromised within 48 hours of polygon.
• attacker shared fake links that promised free tokens, and thus used both communities.
• Avalanche solved the problem within an hour, while the security gap at ZKSync continued to be uncomfortable.

At the weekend, the blockchain community was shaken by a series of Discord server compromises that started with polygon and quickly spread to the avalanche and ZKSync.

The incidents in which malignant links were spread that promised fake token distributions illustrate a growing trend of security violations that aim at cryptocurrency projects. These attacks not only undermine trust, but also represent considerable risks to the users' assets.

phishing links according to the Avalanche Discord compromise divided

On August 25th, the official Discord server from Avalanche was compromised, with attackers posting fraudulent links that are supposed to offer free Avax token.

The official Avalanche account immediately warned the users of interacting or clicking on the compromised server. Screenshots by members of the Avalanche community unveiled the nature of the fraud that promised alleged "distribution" programs for Avax-token.

Avax-Discord looks suspicious ... Chat deactivated in all channels and an announcement to "request AVAX from the Foundation"

My advice?

… In this discord, click nothing for a while in this discord ... pic.twitter.com/x9mly4vpex

- Stog chog🔺 (@stogchog) 25. August 2024

Ben Well, Community Manager of Avalanche, reported that the problem was identified and resolved within an hour and that efforts were currently made to restore normal server operation.

update: The official avalanche discord has been secured again and will be reopened if the CMS consider this to be appropriate. https://t.co/bmwsi87tas

- umline 🔺 (@avax) 25. August 2024

Despite the quick reaction, the incident aroused concerns about the susceptibility of large blockchain projects for similar attacks.

ZKSync Discord affected by the simultaneous attack

Another incident followed shortly afterwards on the security gap at Avalanche, which this time affected ZKSync. Just an hour after the attack on Avalanche, the Discord server was chopped by ZKSync.

The attackers used the same tactics, namely the spread of fake links. This time they promised the users free ZK tokens as part of a fake “Round 2 Airdrop” program.

Although ZKSync has not yet officially addressed exploit on social media, several team members have confirmed the problem in their discord channels.

attacks on Crypto-Discord server

The latest attack on polygon, avalanche and ZKSyncs' Discord is part of a troubling trend of spectacular data protection injuries in the crypto community.

on March 25, 2023, Certik exposed to a phishing fraud on Arbitrums Discord, in which a compromised developer account was exploited to spread a malignant link.

In a similar way, the Gnus.Ai network suffered a Discord-related exploit Dollar led.

This sequence of violations underlines a troubling pattern of coordinated attacks on prominent blockchain platforms. The attacks that contain phishing schemes and fraudulent token distributions not only threaten individual users, but also endanger the integrity of the projects concerned.