Polygon has regained access to its community Discord server after a four-hour security breach that resulted in the theft of approximately $145,000 from one user. The breach, which occurred early Saturday morning, involved a phishing scheme disguised as an airdrop ahead of Polygon’s migration from MATIC to POL. The Polygon team has since secured the server and disabled all external bots and integrations to conduct a thorough security review.
The hack took place on saturday, with a fraudulent message being posted on the Discord server, allegedly from the account of Polygon’s community lead, Smokey. The message falsely promoted a “special pre-migration” airdrop and included a phishing link designed to steal user assets.
Blockchain data shows that one user lost a Uniswap position valued at around $145,000 in the attack. The phishing transaction occurred roughly few minutes after Polygon’s chief information security officer, Mudit Gupta, posted a warning about the breach on X. However, the hacker had already targeted their victim by then.
The wallet address used in the attack has been linked to previous phishing incidents. Ten days prior, it transferred over $72,000 worth of ether to another wallet flagged by Etherscan as a phishing perpetrator. Five days ago, the same wallet moved an additional $29,500 worth of ether to another flagged wallet, which now holds $150,000 in assets. These transfers highlight the ongoing risks posed by such phishing schemes.
After regaining control of the Discord server, Polygon’s team disabled all external bots and integrations, emphasizing their commitment to ensuring this incident is not repeated. According to Gupta, the team is still investigating how the breach occurred but suspects a bot or integration was compromised. The logs are being reviewed as part of this ongoing investigation.
Polygon’s security team remains unsure of the exact method the attackers used, but they are confident that no community moderators were directly phished. Gupta confirmed that a postmortem of the hack would be released after the full investigation.
Read CRYPTONEWSLAND onPolygon urged its community to remain cautious and avoid interacting with suspicious links. The incident serves as a reminder of the persistent threat of phishing attacks, especially within online communities like Discord. Although the server has been secured, Polygon acknowledged that some features might remain limited as the security team completes its review of bots and integrations.
This breach highlights the importance of vigilance and secure practices in community management, particularly as Polygon prepares for the upcoming migration to its upgraded POL token. The Polygon team continues to work towards restoring full functionality while ensuring the safety of its users’ assets moving forward.
$Wadz brings #fun and energy to the #crypto space, backed by the #WadzPay community. #$Wadz…
#2024 U.S. elections could impact #Bitcoin's price, with predictions of a #potential surge to $125K.…
#ETH options expiry: $2,400 #Maxpain point looms. 127,000 contracts worth $298M are set to expire.…
The #SEC seeks to update its lawsuit against #Binance, keeping its stance on #crypto assets…
Sky Protocol's vote on wBTC removal could impact $200M in loans, reshaping its DeFi ecosystem.…
Staking $SOL helps offset 5% inflation, offering 8-12% returns. Liquid staking keeps your assets liquid!…