Scams continue to plague DAOs and NFT collections by exploiting human and platform weaknesses.
Former content moderation service Chatsight now applies AI to Discord servers.
While the crypto industry is focused on building the decentralized Web3 future, centralized Web2 platforms such as Discord, Twitter, and Telegram are where the community lives today. As DAOs and NFT collectives continue to use these platforms, scammers flock to defraud and steal. this Federal Trade Commission recently reported that more than $1 billion in cryptocurrencies has been lost due to fraud since 2021.
To help combat these attacks, a new San Francisco-based initiative chat view Making security its core business on Discord servers is a growing list Services aimed at protecting Discord communities.
Founded in 2021 by Marcus Naughton, Chatsight calls itself a “security as a service company” designed to provide an additional layer of security to social media platforms like Discord and Telegram. These platforms have become the hub of Web3 projects looking to organize and build communities around their projects.
“We provide technology agnostic,” says Naughton decrypt. “We are building anti-fraud AI (artificial intelligence) technology and bridging platforms like Discord, Telegram and others that come with the goal of providing security tools for on-chain networks.”
Discord is a popular place for DAOs (decentralized autonomous organizations) to organize and collaborate. DAOs are loosely organized communities that come together to create or support crypto projects, often funding their activities with tokens.
Already wary of scammers, DAOs use third-party projects like Collab.Land to act as gatekeepers on Discord servers, verifying that members hold the DAO token before gaining access. But while token keepers can manage memberships, security remains an issue.
In May, security firm PeckShield sent a warning to Twitter saying scammers are using NFT marketplace OpenSea’s Discord server to promote a scam NFT mint.
Earlier this month, the popular NFT collective Fored Ape Yacht Club The Discord server was compromised and allowed the scammers to get away with 200 ETH worth ($358,962 at the time) NFTs.
Our Discord servers were briefly exploited today. The team caught the incident right away and solved it. Around 200 ETH worth of NFTs seem to have been affected. We’re still investigating, but if you’re impressed, email us at email@example.com.
After the abuse, a Bored Ape Yacht Club co-founder hacked Discord On June 4, saying that the popular communication app “does not work for Web3 communities”.
Naughton said that while Chatsight is intended for use on social media platforms, its focus is not on content moderation but on scams and phishing attacks, and “the only thing everyone can agree on is this: [that] Fraud is bad.”
Chatsight started as an AI content moderation platform for social networks, Naughton explains, but turned around after speaking to the owner of a crypto Telegram group who paid about $5,000 for physical people to watch the channel.
“If these people are paying people to do this, that shows a need that these platforms are not addressing,” Naughton says. “When you build your communities on these platforms, you openly accept the fact that you now take security into your own hands.”
Naughton said Chatsight aims to act as a managed security partner, a “quasi-antivirus,” providing users with a suite of tools to monitor Discord servers.
According to Naughton, Chatsight uses an “air-gapped” Discord account that is not used anywhere else. Once associated with the Discord server, this account is given administrative rights. It then monitors the server for fraud and phishing attacks, giving the server owner control of the Chatsight bot while keeping the owner of the server account separate.
Naughton says the freemium product includes Enterprise Cloudflare features that provide extra security, including Discord account verification, checking the account’s reputation on Discord, and penalties ranging from a 30-minute timeout to banning accounts that have been repeatedly flagged.
According to Naughton, the flaw in the current version of the internet is that users transfer the assets they own (plans, designs, tasks, etc.) to third parties like Discord, Twitter, and Telegram to host and hopefully secure security. However, users have no say in this security.
“We expect you to be compromised by the nature of Discord’s product – exploits happen to everyone,” Naughton says. “So we assume you will be exploited from the default location and how can we prevent damage from there?”
Do you want to be a crypto expert? Get the best of Decrypt straight to your inbox.
Get the biggest crypto news + weekly recaps and more!