Polygon Discord server hacked, scammers posted for 3 hrs and stole $150k in crypto

Polygon was hit by a security breach that compromised its community Discord server for about three hours, allowing scammers to post malicious links and impersonate support agents.

Polygon is a blockchain scaling platform based in India that aims to enhance Ethereum's capabilities.

The breach was detected when users observed suspicious activity, with scammers flooding the support channels, misleading users, and posting fraudulent links. Despite the team’s efforts to secure the server with two-factor authentication (2FA) on all privileged accounts, the attack was still successful. P

One victim reported losing $150,000 worth of Ethereum (ETH) after interacting with what appeared to be an official announcement on the compromised server.

Polygon’s Chief Information Security Officer, Mudit Gupta, confirmed that full control of the Discord server has been regained, and the changes made by the attackers are being reversed.

Discord channels, commonly used to share critical information or manage assets, have increasingly become a target for cybercriminals. Previous incidents include the compromise of the Arbitrum Discord server on March 25, 2023, and the breach of the Gnus.AI server on May 5, 2023, resulting in a loss of approximately $1.27 million.