Blockchain platform Polygon has found itself in the crosshairs of cybercriminals, as the company’s Discord channel was hacked, leading to a flurry of concerns about security measures.
Update: We've regained access and currently cleaning up all the changes made by the hacker to make sure they can't come back.
— Mudit Gupta (@Mudit__Gupta) August 24, 2024
The Breach Happened Despite Privileged Security Measures in Place
On August 24, Polygon’s Chief Information Security Officer, Mudit Gupta, sounded the alarm on X after a security breach was discovered. He warned users to be cautious and avoid engaging with any links on the Discord channel until the situation was controlled. The fact that this breach happened despite 2FA being enabled on all privileged accounts raises serious questions about the platform’s security measures and ability to protect users.
Not yet, all of our privileged accounts had 2fa
— Mudit Gupta (@Mudit__Gupta) August 24, 2024
The repercussions of the breach were immediately felt within the Polygon community. A user named shadabk2005 took to the X platform to alert others about the ongoing situation. He reported that scam links were being posted in the announcements channel.
I reported it here https://t.co/sGcLGws0szNot sure if any one took notice. I could see a lot of people asking for help in support and scammers, under the guise of help, misleading them.
— shadab.eth (@shadabk2005) August 24, 2024
In a more distressing turn of events, another user, ValidatorK, reported a staggering loss of $150,000 worth of Ether from his pool. The funds were lost following an interaction with what appeared to be an official announcement on Polygon’s Discord channel.
@0xPolygon I lost $150,000 of my Ethereum pool in one go through Polygon's official Discord announcement. Why haven't you officially posted the Discord hacking issue on X? How are you going to take responsibility for this?
— Mr.K (@ValidatorK) August 24, 2024
Polygon Regains Discord Control, But Past Discord Hacks Now Raise Concern in the Crypto Community
At about 10:43 AM UTC, roughly three hours after the breach, Polygon’s Chief Information Security Officer, Mudit Gupta, reported that the Polygon team had successfully regained control of their discord channel and was now doing necessary house cleanings of changes the hackers made.
The attack on Polygon’s Discord channel is not an isolated incident. A series of high-profile breaches have plagued the crypto community. On March 25, 2023, blockchain security firm CertiK hinted at a phishing scam that caught the Arbitrum Discord server off-guard, where dubious links were sent out, reportedly perpetrated through a compromised account belonging to a dev. In the same way, on May 5, the Gnus.AI artificial intelligence network fell victim to a Discord-related exploit, leading to a loss of around $1.27 million.
Interestingly, the timing of this breach is worrisome for Polygon, which is currently undergoing a major network upgrade. The platform plans to replace its native Polygon (MATIC) token with POL tokens as part of an upgrade scheduled for next month, September 4, precisely.
The post JUST-IN: Polygon’s Discord Channel Hijacked, Team Regains Control Within Hours, Polygon CISO Mudit Updates Users appeared first on Coinfomania.