Update Sept.1, 11:30 pm UTC: This article has been updated to include information from Halborn’s chief information security officer.
Last month, crypto user and NFT artist Princess Hypio told her followers she lost $170,000 in crypto and non-fungible tokens after a scammer convinced her to play a game with them on Steam.
While she was “mindlessly” playing with the scammer, they were secretly stealing her funds and hacking her Discord. The same tactic was used on three of her other friends, she wrote in a post on Aug. 21 on X.
Source: Princess Hypio
It turns out, the tactic has been around for a while and is known by some as the “try my game” scam, which users have been reporting about for years in different forms.
Speaking to Cointelegraph, Kraken’s chief security officer, Nick Percoco, said these methods have become an increasingly popular attack method
“Try my game” hack: How it works
The crypto version of the scam involves a hacker joining a Discord server or group, lying in wait, learning about how users interact with each other and later using that information to gain trust.
The hacker then asks users if they own crypto or NFTs, often feigning interest to ask questions and gauge what digital assets they might own. In Princess Hypio’s case, they had a Milady NFT, which resulted in her being targeted.
After identifying a target with crypto, the hacker invites victims to play a game, sending a link to a server with Trojan malware that provides access to user devices, which allows them to steal personal information and drain any connected wallets.
In Princess Hypio’s case, the ploy involved convincing her to download a game on Steam by offering to buy it for her. The game itself was safe, but the server on which the game was being hosted was malicious.
She lost $170,000 in crypto and NFTs from the attack, she said.
It comes only days after Discord released its deceptive practices policy explainer, warning that promoting or carrying out financial scams on the social platform violates the terms…
..
