On the morning of February 10, 2026 around 9:00AM Eastern Standard Time, we received a message from the Discord account of the owner of Yumiko Manga in what appeared to be an all too common message sent by spam bots on Discord. The owner was sleeping and didn’t know about this until they woke up.
The alleged hacker spammed images promoting a cryptocurrency scam involving YouTuber Logan Paul, which is a frequent scenario that occurs when Discord accounts are hacked. Drillimation Systems has banned numerous users for spamming these messages on their server channels. The company has launched an investigation and both have taken steps to ensure their account is secured and contain the incident.
Since the discovery of the breach, the vulnerability that allowed the hacker to gain access has been patched, along with their password being reset. Drillimation highly advised all of their users on their server to enable multi-factor authentication. They take the privacy and security of their users’ data very seriously and also consult with outside experts to further harden their security posture.
This is the second cybersecurity incident involving an affiliate of Drillimation Systems in less than a year, after Emiko Hosokawa of Studio Emiko fell victim to the same thing last April. In that case, her account ended up “reincarnating” as her VTuber Ciel Chandelleur. Drillimation highly advises their players to be very wary of anyone in their DMs or on social media claiming they are a recovery expert or hacker who can get an account back for a fee and do not actually do so, scamming the user. Discord Support is the main entity responsible for restoring an account after they’ve been hacked.
The Scam, Explained
On this Friday the 13th, we can explain how this whole scenario unfolds, and where it all began. This type of scam started arising around late 2025 where hackers compromise accounts with weak security and spam images promoting cryptocurrency, often featuring fake giveaways and sometimes being endorsed by figures or popular YouTubers such as Elon Musk, MrBeast, or even Logan Paul. This cycle of hacking and spamming is a very common industrial-scale operation on Discord. It’s not just one person with a grudge; it’s usually an automated botnet that turns an account into a zombie to lure others into financial scams.
How They Get In
Nine out of ten cases involve the hacker not guessing the password of an account. They use what is known as token theft, otherwise known as session hijacking. When you log in, your browser or app is given a token, which is a digital key that states the user has authenticated to the Discord server. When a hacker steals this token, they can use an account without needing the original account’s password or multifactor authentication code, bypassing those security checks.
The most common reason this happens is the result of a user clicking on a suspicious link. Such examples include the promotion of a game by asking users to test a small file, fake links that claim a user can receive a free Nitro subscription, or joining a server likely infected with malware, such as being asked to scan a QR code or verify an account on an external site.
The Crypto Spam Strategy
The hackers don’t care about an account, but want that user’s reputation. Users are more likely to click on a link from a friend or trusted member than a random bot. They use images, usually fake tweets from the aforementioned celebrities, by bypassing Discord’s automated spam filters that often don’t read text inside an image. These high-quality images that promote crypto giveaways or free bets on online casinos and sportsbooks create a false sense of legitimacy and urgency.
The Hackers’ Goal
Their main goal of this scam is to drive people to phishing sites or fake currency exchange services. Once there, the user can be scammed by one of two methods. The first is the user winning $2,500 in Bitcoin, but in order to activate the account, they must deposit $50-100 in their own crypto. Once paid, they disappear. The other is asking to connect a virtual wallet such as MetaMask, and once they sign the transaction they provide, the hacker is granted permission to empty every asset in the wallet.
Stopping the Cycle
If an account is compromised and spamming the message, changing the password is the only way to kill the token. An important thing to know is even after changing a password, it is best to check the apps that you have authorized your Discord account on. Hackers often leave backdoor apps authorized so they can keep posting images even after the hackers have been kicked out.
Discover more from Drillimation Systems
Subscribe to get the latest posts sent to your email.
Drillimation Systems 