Mizkif reveals how a single Discord hack put 50,000 of his fans at risk
YouTube: MizkifMizkif has created an impressive Discord community that hosts over 55,000 people but when a high-ranking member of the ‘Mizcord’ server got hacked, it was nearly disastrous for many involved.
The Mizcord is supposed to be a safe place for friends and fans of Mizkif to gather together, interact, and have a good time.
While it was built with the best of intentions in mind, it turns out that having so many people gathered in one place on the internet is quite risky, especially if an administrator of the space accidentally puts everyone in harm’s way.
That’s exactly what happened to Miz when his longtime friend and fellow streamer Lacari was hacked and no one realized it.
Mizkif’s Discord server was hacked and it exposed personal information
As Lacari explained in Mizkif’s July 31 video, all it took was a seemingly harmless phishing attempt from months ago to put the whole situation in motion.
A few months ago, he received a strange message from a friend that claimed they couldn’t stay friends with each other because of something that was said on another server.
While Lacari knew he hadn’t said anything controversial, he was worried that someone might be impersonating him, so he clicked the link that the already-hacked friend sent and unknowingly surrendered his log-in information to the person orchestrating the whole operation.
The way these programs work is that they grab the Discord token information from any user who completes the verification process that opens at the end of the strange link. A user’s token consists of all of their log-in information. All it took was that one mistake for Lacari to be compromised.
That might not have been such an issue if Lacari had been a regular mod in the Mizcord, but instead, he shares the same role as Mizkif himself, meaning he had unlimited power in the server and the other mods couldn’t do anything about it.
While it took several weeks to materialize, whoever was in control of Lacari’s account eventually realized they were unstoppable in that server and barraged every channel with invites to yet another fake server, this time claiming it was an official collab with the Mizcord, that would steal anyone’s info that followed through with it.
Thankfully, Miz’s manager realized what had happened and was able to get everyone on the same page to shut the operation down eventually, but there’s no telling how many people were caught in the crossfire.