OpenSea Discord server hacked, users warned to be vigilant of phishing scams

Arnold Kirimi
Arnold Kirimi May 6, 2022
Updated 2022/05/06 at 3:48 PM
4 Min Read

Nonfungible token (NFT) marketplace OpenSea suffered a server breach on its main Discord channel, with hackers posting fake “Youtube partnership” announcements.

A screenshot shared[1] Friday shows fake collaboration news, accompanied by a link to a phishing site. OpenSea Support’s official Twitter account tweeted that the marketplace’s Discord server was breached Friday morning and warned users not to click the channel.

The hacker’s initial post, published in the announcements channel, claimed that OpenSea had “partnered with YouTube to bring their community into the NFT Space.” It also said that OpenSea is releasing a mint pass with them that will allow holders to mint their project for free.

It appears that the intruder was able to stay on the server for a considerable length of time before OpenSea staff were able to regain control. In an attempt to create “fear of missing out” to victims, the hacker was successful in reposting follow-ups to the initial fraudulent announcement, rehashing the phony link, and claiming that 70% of the supply had already been minted.

The scammer also attempted to entice OpenSea users, claiming that YouTube would provide “insane utilities” to those who claimed the NFTs. They are claiming that this offer is unique and that there will be no further rounds to participate, which is typical of fraudsters.

On-chain data[5] shows 13 wallets seem to have been compromised as of writing, with the most valuable NFT stolen being a Founders’ Pass worth around 3.33 ETH or $8,982.58.

Initial reports[6] suggest that the intruder used webhooks to access server controls. A webhook is a server plugin that allows other software to receive real-time information. Webhooks have increasingly been used as an attack vector by hackers because they provide the ability to send messages from official server accounts.

Related: Ape-themed airdrop phishing scams are on the rise, experts warn[7]

The OpenSea Discord is not the only server to be exploited via webhooks. Several prominent NFT collections’ channels, including Bored Ape Yacht Club[8], Doodles, and KaijuKings, were compromised in early April with a similar vulnerability that allowed the hacker to use official server accounts to post phishing links.


  1. ^ shared (
  2. ^ (
  3. ^ May 6, 2022 (
  4. ^ February 26, 2022 (
  5. ^ data (
  6. ^ reports (
  7. ^ Ape-themed airdrop phishing scams are on the rise, experts warn (
  8. ^ Bored Ape Yacht Club (


This article was first published on
Share this Article