The Polygon Discord channel was reportedly compromised on Saturday, August 24, but officials at the blockchain platform restored access approximately four hours later.
The initial attack prompted Polygon Polygon (MATIC) chief information security officer Mudit Gupta to post a warning on X.com, warning users not to click on “any links” on the official Discord channel until further notice.
Public service announcement: Do not click on any of the links below: @0xPolygon community dispute, until otherwise stated.
It has been compromised and we are working to regain ownership.
— Mudit Gupta (@Mudit__Gupta) August 24, 2024
The incident has raised concerns among Polygon users, with one member using the username shadabk2005 saying that scam links were being posted on the channel.
@0xPolygon Hey, was your Discord hacked? Scam links are being shared in the announcement channel and I got a timeout for highlighting it in the support channel.
— shadab.eth ✈️🏨 (@shadabk2005) August 24, 2024
No further information was shared about the incident.
About four hours later, Gupta posted an update to his original post, informing users that the Polygon team had “regained control” of the channel and fixed the changes made by the hackers in response to a repeat attack.
See below.
Update: We have restored access and are currently cleaning up any changes the hacker made to prevent them from returning.
— Mudit Gupta (@Mudit__Gupta) August 24, 2024
Discord is a free online messaging app that has gained popularity among crypto communities alongside X, Telegram, and Reddit. Projects regularly use the platform to share important information, and scammers appear to have noticed.
Attacks on the platform are occurring more frequently; crypto.news reports several such incidents.
In July, Ethereum (ETH) liquid takeover platform Renzo lost ownership of its Discord channel to malicious actors. At the time, it was unclear whether anyone had lost funds as a result of the attack.
In another incident, hackers added a fake Discord link to the website of security auditing firm CertiK. According to those who discovered the scam, the link led to a fake Discord server that hosted malware designed to siphon money from users’ wallets.
In September 2023, CertiK reported that scammers stole more than $6 million through attacks launched through compromised crypto Discord channels. Attackers mostly used the channels to spam fake token airdrops, and the airdrop links contained phishing links.