Virtuals Protocol Discord Server Hacked, Fake Links Spread

On Wednesday, Virtuals Protocol, an AI-driven platform, experienced a major security breach, exposing its Discord server to unauthorized access and phishing attacks.

Hackers compromised Virtuals Protocol’s Discord server, while phishing links impersonating its official website surfaced on Google Search.

This incident came just days after the platform resolved a critical flaw in its audited smart contract.

How Hackers Exploited Virtuals Protocol’s Discord Server

The Virtuals team reported that the breach occurred after a private key belonging to one of the Discord moderators was compromised.

This granted the attackers unauthorized access to the messaging platform. The issue has since been resolved, with the server secured by the Virtuals team.

Update: One of our Discord mods had their account compromised. The incident is now resolved. https://t.co/E1Z0y5IQXl

— Virtuals Protocol (@virtuals_io) January 8, 2025

In addition to the Discord breach, cybersecurity firm Scam Sniffer identified three malicious links on Google Search impersonating the Virtuals Protocol website.

Google's really outdoing itself—now showing THREE phishing ads impersonating Virtuals Protocol (up from one)!

Scammers are paying Google bucks to steal your crypto.

Pro tip: If you enjoy losing assets, click those top search results and connect your wallet!

Stay safe,… https://t.co/RG4Io0JIyO pic.twitter.com/4klK3PdsjX

— Scam Sniffer | Web3 Anti-Scam (@realScamSniffer) January 8, 2025

Users were warned to avoid interacting with these links and urged to verify official URLs before clicking.

Meanwhile, Virtuals Protocol addressed another major security concern earlier this month.

On January 3, the team fixed a vulnerability in its audited smart contract after security researcher @lj1nu identified the flaw in the platform's token-launching mechanism on Uniswap V2.

The vulnerability stemmed from the AgentToken creation process, which used the Clones library to make token addresses predictable.

This predictability arose from the AgentFactoryV3 contract's nonce. Additionally, the initialize function in AgentToken failed to check if a Uniswap pair already existed, risking transaction reverts and exploitation.

@lj1nu demonstrated the exploit risk using a Tenderly proof of concept. After publicly disclosing the flaw on X, Virtuals Protocol verified and patched the issue.

The fix includes additional validation steps to prevent similar flaws. The team apologized for the initial miscommunication, published the fix on BaseScan and GitHub, and relaunched its bug bounty program.

Phishing Scams and Private Key Breaches Dominate 2024 Crypto Security Threats

Phishing scams and private key breaches remain major concerns for blockchain and cryptocurrency users.

Market News and Data brought to you by Benzinga APIs

© 2025 Benzinga.com. Benzinga does not provide investment advice. All rights reserved.

Be the first to comment!

Comments

Close menu

Loading...

Benzinga simplifies the market for smarter investing

Trade confidently with insights and alerts from analyst ratings, free reports and breaking news that affects the stocks you care about.

Join Now: Free!

Already a member?Sign in

---