With millions of dollars worth of assets being lost to phishing attacks after signing malicious permissions, the threat of losing crypto assets to questionable links is very real. When these are paired with platforms that allow hidden links, users are subjected to a different kind of risk.
On Sept. 4, Web3 security provider Pocket Universe shared how scammers are able to hide wallet drainer links in any text on the instant messaging platform Discord. While some users report that the feature has only been enabled for Discord users recently, the ability to embed links in any text has been available on many different social platforms for a while now.
Scammers can now hide links in any discord text ☠️
Watch out for hidden wallet drainer links
e.g. pic.twitter.com/mgqG18sOF9
Cointelegraph reached out to several cybersecurity professionals to learn more about how users can protect themselves from such attempts and how platforms can improve their security so that users are not subjected to such attacks.
Christian Seifert, who works as a researcher in residence at Web3 security firm Forta Network, said that this type of attack has been the bread and butter of hackers since the internet was created. He explained:
According to Seifert, security requires an in-depth defense approach. “Both platforms and users need to work towards protecting themselves,” he said. From the user’s side, the security professional highlighted that there are plugins that they can use to protect themselves from such scams.
When it comes to Discord, Seifert pointed out that the platform does provide information on the true destination of the URL after the user clicks on it. However, the platform also allows users to “trust” a domain going forward. This can be
Read more on cointelegraph.com