Root-cause analysis not yet published. The incident description below contains all currently available signal — review the attack transaction directly for definitive forensics.
The permissions of the relevant administrators of the Discord of the Tableland project party were stolen. It is understood that after joining an external Discord server, Tableland members clicked the verification steps of a bot named "Dyno" and clicked a bookmark button with malicious javascript, and were then prompted to interact with the bookmark, triggering the malicious script to run. The attacker got hold of the admin account and posted a link on the announcement channel containing a fake website, anyone who clicked on the link and followed the wallet instructions would grant the attacker access to any NFTs held in their account. Attack method (per SlowMist): Discord was hacked. Reported loss: -.
- chain
- —
- protocol
- Tableland
- bug_class
- unknown
- date_occurred
- 2022-07-19
- loss_usd
- —
- source_id
- sm:tableland::2022-07-19