Amid the increase in NFT adoption, there has been a significant rise in hacks of NFT Discord servers as well. Multiple times, malicious actors have hacked Discord server bots or moderator accounts to post links in various channels. Unsuspecting members, who click these links, end up losing their money. Major NFT projects like Boss Beauties and even Snoop Dogg’s Rap Empire Discord server have recently fallen prey to such hacks.
If you are an NFT creator, protecting your Discord server is of utmost importance. Recently, serial entrepreneur, Wilson K Lee shared some tips on avoiding Discord hacks. Let’s take a look at these.
How to avoid Discord hacks
If you are the NFT creator, the first step is to ensure that you are the Discord server’s owner. Even if you did not create the server, you must ask the creator to transfer ownership to you. Why is this important? As a server owner, you will be able to take the right actions in case something goes wrong.
Next, you should give moderator permissions to only a select few—people you trust the most. In addition, you must ensure that these moderators are sufficient to cover all the time zones. It should not happen that something goes down at the wee hours of the morning and there’s nobody to alert you and take action. As Wilson wrote, “never have one single point of failure and put in redundancy.”
Then again, having trusted moderators alone won’t prevent Discord hacks. After all, they are human and hackers can get in through several means. So, always remember the golden rule: everyone must stay vigilant at all times.
Next, you should put in multiple safety reminders. For example, Wilson’s server has bots that remind the members of safety protocols every 15 minutes. This can include reminders to mint only from your official websites, to avoid clicking on suspicious links, to reiterate that the moderators will never direct message the members, and so on. Remember to always keep your community up to date on how you operate. This way, “if anything looks out of the norm, [your] community won’t fall prey.”
What to do if you are hacked
In the unfortunate event that your Discord server is compromised, there are several steps you can take. First and foremost, take a breather and tell your community on Twitter that your Discord has been hacked. After this, you have to take control of your server.
Largely, Discord hacks happen via “webhooks”, where a “hacker installs a remote control in your home to steal control and post fake mint site in your channels”. To delete webhooks, go to server settings and find the integrations option. Here, select webhooks and delete all.
To prevent the hacker from creating new webhooks, select the audit log option under server settings. Then, type in “create webhook” to know whose account was hacked and is creating webhooks. Then, temporarily ban this person. Now that the hacker is gone, it’s time to come up with an action plan to help those affected.
“The best way to fight scams/hacks is to be aware and be educated,” Wilson further wrote. “[You] must trust [your] instincts…be empathic and have compassion.”