The team behind Ethereum gaming platform Immutable has been accused of “embarrassing behavior” and covering up a security incident after it shared few warnings about Discord phishing links.
Early on Monday, crypto sleuth ZachXBT pointed out via X (formerly Twitter) that the Immutable Discord server had been “compromised” for a brief period this weekend.
He then claimed that Immutable made “zero announcements” across its official channels, warning the company that it “comes across as if you are trying to cover up the security incident…”
However, Immutable has since claimed that an internal employee used the Discord channel to warn about the malicious links within two hours of the incident.
In its response to ZachXBT, it appears that the problem was only revealed once it had been contained, potentially leaving users at risk for a short period.
Immutable claims the discord account of a community support contractor was “compromised” on Saturday before sharing the phishing links. However, the only warning via X came from a different crypto-gaming studio, Illuvium, on Saturday.
Screenshots shared by ZachXBT show one user questioning Immutable’s reluctance to make a Discord announcement despite the hack. Another user said the hackers shared malicious links that looked as if they came from the Discord moderators. They claim their crypto was stolen after falling for the links saying, “I got ganked good.”
Just last August, the Discord channels of at least five crypto firms were hacked in the space of a week. Officials from Witness Chain, Polygon, Avalanche, Zksync, and Orderly Network alerted users to the ongoing hacks in at least one of their official channels.
Protos has reached out to Immutable for comment and will update if we hear back.