Link share

Ozzy Osbourne’s NFT Project Shared a Fraudulent Link and Subscribers Lost Thousands of Dollars

When a pop culture icon like Ozzy Osbourne announces an NFT collection, you can count on project publicity. The launch of the “CryptoBatz” collection, a series of 9,666 digital bats, has been covered by media outlets like Billboard, rolling stone, NME, hypebeast, and Business Intern, among others.

But just two days after the tokens were struck, supporters were targeted by a phishing scam that drained cryptocurrency from their wallets, playing on a bad link shared by the project’s official Twitter account.

Like the majority of NFT projects, CryptoBatz uses Discord as a place to organize its community. The official CryptoBatz Discord can now be accessed via the short link But previously, the project used a slightly different custom URL at

When the project moved to the new URL, the crooks set up a fake Discord server on the old one. But neither CryptoBatz nor Ozzy Osbourne took the precaution of deleting tweets referencing the previous URL, meaning that old tweets from Osbourne himself were left to direct followers to a server now controlled by criminals. crooks.

A CryptoBatz tweet, posted on December 31, 2021, received over 4,000 retweets and hundreds of replies. The tweet was only deleted on January 21 after CryptoBatz was contacted by The edge.

Cryptobatz tweet containing a link to a Discord scam

Upon clicking the scam link, the fake Discord’s invite panel showed the total number of members to be 1,330, an indication of how many people might have been duped by the scam.

Inside the server, a Collab Land bot spoofing community management service asked users to verify their crypto assets to participate in the server – but directed users to a phishing site where they were asked to connect their cryptocurrency wallets.

A representative for Collab Land declined to comment.

Collab Land fake bot

One person who lost money to the scam is Tim Silman, a nonprofit employee. Silman estimates that around $300-400 in ETH was taken from his wallet after visiting the fake Discord server via a link posted on the CryptoBatz website.

“I’ve seen at least a dozen people on Twitter expressing this same issue,” Silman said. The edge. “If you look at the transactions on Etherscan, others have lost a lot more than me.”

An Ethereum wallet address reported by Silman to be linked to the scammers had received a series of incoming transactions totaling 14.6 ETH ($40,895) on January 20 and sent it to a wallet containing over $150,000.

The project was slow to remove bad links, even when notified, Silman said.

“I tagged them multiple times in various tweets, like a few other people, but no response,” he said. “It’s an expensive lesson, I guess.”

Even though the fake link remained present in a prominent tweet, the CryptoBatz project continued to promote the public mint. As of January 21, CryptoBatz NFTs were resold on OpenSea for around 1.8 ETH ($5,046).

When asked if the project should accept responsibility for leaving the old link online, Sutter Systems, the developers of the CryptoBatz NFT, blamed Discord squarely for the scam. In a statement emailed to The edge, Sutter Systems co-founder “Jepeggi” pointed out that the compromise was only possible due to the easy setup and maintenance of the fraudulent Discord instance.

“While we are sorry to the people who have fallen prey to these scams, we cannot take responsibility for the actions of the scammers operating Discord – a platform over which we have absolutely no control,” Jepeggi said. . “In our opinion, this situation and hundreds of others that have happened in other projects in the NFT space could have been easily avoided if Discord had simply put in place a better response/support/fraud team to help big projects like ours.”

Discord said it was aware of the incident and in contact with the team involved.

“Our Trust & Safety team is in contact with the server owners and investigating the incident,” said Peter Day, corporate communications manager at Discord. “Our team takes action when we become aware of attacks like this, including banning users and shutting down servers.”