Skip to content

Fractal gets hacked before launch; 373 users lose $150,000

  • by
  • 2 min read

Soon to debut NFT platform, Fractal, suffered a security breach where a scammer hacked the announcement bot in the startup’s Discord channel, sending phishing links to over 100,000 people asking them to pay for a new NFT airdrop.

On Tuesday, the platform acknowledged the attack and reported that 373 users were affected, with the hacker getting away with approximately 800 sol which roughly translates to somewhere around $150,000. The startup, funded by founder Justin Kan’s GOAT Capital Fund, has already pledged to pay the duped users back.

The message promised users access to 3,333 NFTs to celebrate the startup’s success but instead took them to a minting site where they ended up paying but got nothing in return. You see, the link included in the message pointed to but with an ‘l’ instead of the ‘i’, taking users to a completely different site. Fractal’s actual platform was due to launch this week.

In the News: Is a failed company culture to blame for Ubisoft’s developer exodus?

Up for a shaky launch

As mentioned above, the startup promised to pay the users back, urging them not to delete their wallets as they have no way of verifying who the wallet users are except returning the funds to the drained wallets. Fractal already has a list of all the 373 wallets duped, so the affected users need to sit tight. 

The platform further asked users to exercise caution as they may not be able to cover future losses. They’re working with Discord’s Trust and Safety team to do a full security audit of their Discord server in addition to working with other potentially impacted Discord communities to track the hacker down. 

NFT airdrops sell out rather quickly, making the NFT market rather opportunistic to seize every chance they can. As you can guess, this can trump caution at times and can be dangerous for those new to the market. 

Another Solana-based marketplace, Monkey Kingdom, was hacked several hours earlier for about $1.3 million worth of crypto. Both these attacks have taken place on Discord, which means the platform itself needs to check its user verification methods. 

In the News: Microsoft acquires Xandr, partners with Taboola to launch RTB in Q1 22′ 

Yadullah Abidi

Yadullah Abidi

Yadullah is a Computer Science graduate who writes/edits/shoots/codes all things cybersecurity, gaming, and tech hardware. When he's not, he streams himself racing virtual cars. He's been writing and reporting on tech and cybersecurity with websites like Candid.Technology and MakeUseOf since 2018. You can contact him here: