Polygon has regained access to its community Discord server after a four-hour security breach that resulted in the theft of approximately $145,000 from one user. The breach, which occurred early Saturday morning, involved a phishing scheme disguised as an airdrop ahead of Polygon’s migration from MATIC to POL. The Polygon team has since secured the server and disabled all external bots and integrations to conduct a thorough security review.
The hack took place on saturday, with a fraudulent message being posted on the Discord server, allegedly from the account of Polygon’s community lead, Smokey. The message falsely promoted a “special pre-migration” airdrop and included a phishing link designed to steal user assets.
Blockchain data shows that one user lost a Uniswap position valued at around $145,000 in the attack. The phishing transaction occurred roughly few minutes after Polygon’s chief information security officer, Mudit Gupta, posted a warning about the breach on X. However, the hacker had already targeted their victim by then.
The wallet address used in the attack has been linked to previous phishing incidents. Ten days prior, it transferred over $72,000 worth of ether to another wallet flagged by Etherscan as a phishing perpetrator. Five days ago, the same wallet moved an additional $29,500 worth of ether to another flagged wallet, which now holds $150,000 in assets. These transfers highlight the ongoing risks posed by such phishing schemes.
After regaining control of the Discord server, Polygon’s team disabled all external bots and integrations, emphasizing their commitment to ensuring this incident is not repeated. According to Gupta, the team is still investigating how the breach occurred but suspects a bot or integration was compromised. The logs are being reviewed as part of this ongoing investigation.
Polygon’s security team remains unsure of the exact method the attackers used, but they are confident that no community moderators were directly phished. Gupta confirmed that a postmortem of the hack would be released after the full investigation.
Read CRYPTONEWSLAND onPolygon urged its community to remain cautious and avoid interacting with suspicious links. The incident serves as a reminder of the persistent threat of phishing attacks, especially within online communities like Discord. Although the server has been secured, Polygon acknowledged that some features might remain limited as the security team completes its review of bots and integrations.
This breach highlights the importance of vigilance and secure practices in community management, particularly as Polygon prepares for the upcoming migration to its upgraded POL token. The Polygon team continues to work towards restoring full functionality while ensuring the safety of its users’ assets moving forward.
Watch how blockchain is being used to tear down barriers, from #Arcana to #Everclear. Learn…
IoTeX partners with #PolygonLabs to integrate IoTeX 2.0 with #AggLayer, enhancing cross-chain functionality and security.…
#Hedera teams up with #Ripple and #Aptos in the #MiCA #Crypto Alliance to tackle #EU…
Missed out on #Polygon? #Qubetics is the world’s first #Layer1Web3 aggregated #blockchain, uniting #Bitcoin, #Ethereum,…
Discover leading Web3 job platforms for 2024. From #Bitcoin specialists to blockchain startups, these sites…
TON Foundation partners with Curve Finance to launch a TON-based #stableswapproject using #CFMM technology to…