It has indeed been a rocky and uncertain period for crypto projects, and it will certainly be recorded as the month with the highest crypto hacks. With major hacks like last month’s Ronin Bridge security breach that affected the NFT game Axie Infinity, to last weekend’s compromise of the 333 club discord server and the recent hack of the BAYC official Instagram and Discord server.
With the increasing number of hacks Zachxbt, an On-Chain sleuth took to Twitter. He announced the results of his analysis that mapped how the group behind the recent hacks moved the stolen funds to their wallet address.
With all of the NFT Discord hacks over the past few months I thought it would be beneficial to map out one of the groups doing them
According to the On-chain Sleuth, the group has about $3.9 million (1355 ETH) in their main wallet. And this excludes what has already been cashed out by the group. He released an image that mapped how the funds were moved to the group’s wallet. And all the projects targeted are on the Ethereum blockchain.
furthermore, he gave some insights into one of the recent attacks by the group.
The 333 Club Discord hack.
Over the last weekend, the 333 Club Discord was compromised and hackers made away with approximately $317,000 amounting to about 110 ETH in NFTs.
According to Zachxbt’s analysis, this compromise was heavily linked to previous hacks. A review of the hackers’ modus operandi showed that they used a similar method to the others. Where the Discord server is compromised and the link to a phishing site is posted on the announcement channel. The link is usually posted with the announcement of a giveaway or an airdrop, attracting unsuspecting users.
The group moves stolen funds from such attacks through multiple wallets to the wallet where they finally deposit these funds.
Addresses linked to the recent NFT hacks
Zachxbt further revealed the identity of the ENS addresses linked to the recent attacks.
“Popbob.eth, Two1.eth, Lisey.eth, 半醉人间.eth are the ENS addresses linked to the attacks”. He tweeted.
This is just one of the groups involved in the attacks, there are a few others also competing with each other.
The NFT hacker group’s MO
According to the On-chain sleuth, these groups hack discord servers through social engineering and phishing sites. Adding that all these people originate from forum websites.
While it is not clear how much the group has made so far, “it wouldn’t surprise me if this group alone has made 8 figures” Zachxbt tweeted.