CertiK’s Discord link briefly redirected to fake server with malware, reports say
According to multiple reports on X, CertiK’s official website temporarily featured a Discord link that redirected users to a fake server hosting malware.
In a recent security incident, a Discord link featured on the website of blockchain security auditing firm CertiK led users to a fake server hosting malware. According to blockchain community members @PopPunkOnChain and @Burnttoken, who brought attention to the discovery, the fraudulent server hosted a counterfeit CollabLand bot and malicious software designed to steal assets from crypto wallets.
@CertiK The discord link on your website links to a fake discord server with a fake version of @Collab_Land_ that hosts a wallet drainer.
Is the Certik team complicit? pic.twitter.com/Fp8Sk4Kf1t
— Burner (∞) (@Burnttoken) December 17, 2023
Crypto.news could neither confirm nor deny those reports immediately. As of press time, CertiK had made no public statement on the matter, and the scale of the attack remains unclear. However, the official website no longer features the malicious link, indicating the CertiK team might have already addressed the issue.
forgot to post the funniest part. Just follow the steps in the discord @CertiKCommunity pic.twitter.com/OGti6dF3Ss
— Burner (∞) (@Burnttoken) December 17, 2023
In mid-November 2023, crypto.news reported that scammers had devised a new method of stealing funds by impersonating legitimate crypto investigators and using their identities to deceive unsuspecting victims on X.
Crypto sleuth ZachXBT issued a cautionary post on the social network dated Nov. 15, revealing the emergence of a “large network of bot accounts” actively impersonating crypto detectives. According to ZachXBT’s investigation, these scammers have successfully pilfered over $300,000 worth of cryptocurrency in just a matter of days. As noted by BleepingComputer, the scammers also impersonated blockchain analytics firms such as CertiK and Scam Sniffer.