Wormhole Co-Founder Robinson Burkey Twitter Hacked
Notice: This page is a freshly imported case study from the original repository. The original content was in a different format, and may not have relevant information for all sections. Please help restructure the content by moving information from the 'About' section to other sections, and add any missing information or sources you can find. If you are new here, please read General Tutorial on Wikis or Anatomy of a Case Study for help getting started.
Notice: This page contains sources which are not attributed to any text. The unattributed sources follow the initial description. Please assist by visiting each source, reviewing the content, and placing that reference next to any text it can be used to support. Feel free to add any information that you come across which isn't present already. Sources which don't contain any relevant information can be removed. Broken links can be replaced with versions from the Internet Archive. See General Tutorial on Wikis, Anatomy of a Case Study, and/or Citing Your Sources Guide for additional information. Thanks for your help!
Robinson Burkey is a co-founder of the wormhole cross-chain bridging protocol. Wormhole announced an airdrop on April 3rd of 617 million W tokens as part of their protocol marketing. Shortly after a number of legitimate posts about the launch of the new token, Robinson Burkey's Twitter account was breached and scammers posted another announement about the airdrop, guiding users to a new website which they had set up. Websites such as these commonly trick users into sending funds or approving wallet access, which allows the scammers to drain funds from their wallet.
This is a global/international case not involving a specific country.[1][2][3][4][5][6][7][8][9][10][11]
About Wormhole Network
"Wormhole is a cross-chain bridge protocol facilitating investors to swiftly convert assets across various blockchains including Ethereum, Solana, Terra, Binance Smart Chain, Polygon, Avalanche, etc. The project tackles the interoperability issue of decentralized applications (dApps) and smart contracts to realize its platform's mission.
On April 3rd, Wormhole announced the allocation of 617 million W tokens (equivalent to 6.75% of the total supply) for the airdrop. Eligible participants will share rewards of up to $896 million."
"More great news for Wormhole Wednesday:
Wormhole's $W distribution has been extended as planned. All users, regardless of whether they have previously claimed, are now eligible to claim additional $W tokens."
"On April 4th, the official Twitter account of Wormhole founder Robinson Burkey posted malicious links shortly after the platform announced an airdrop campaign. Investors suspect hackers used viruses to carry out unauthorized access. The account quickly switched to private mode."
"After announcing the airdrop, the Twitter account of the Wormhole founder, account X, was attacked by hackers who posted fraudulent links."
"The CEO of Jito Labs, a developer of Solana's ecological MEV infrastructure, stated on social media that the Twitter account of Wormhole co-founder Robinson Burkey has been hacked and please do not click on any links."
"X account of Robinson Burkey, co-founder and CCO of Wormhole is apparently hacked and posting malicious links."
"Currently, Robinson Burkey's account is back to normal operation, with scam posts being warned about harmful links. However, there is still no estimate of the extent of the damage."
"Analysts comment that further attacks may occur due to the attraction of Wormhole's $850 million airdrop event. Blockchain expert ZachXBT warns investors to be cautious of comments under the project's official posts, as there are hundreds of comments, scam accounts, and even Twitter verified accounts involved.
For example, many investors perceive Memecoin Warmhole as a scam, riding on the coattails of Wormhole. However, the project quickly grew its market capitalization from $100,000 to $8.3 million, an 83% increase in six hours.
The W token was listed on Binance on April 3rd at $0.05 and other exchanges. According to CoinMarketCap data, the W token is trading at $1.13 with a market capitalization of over $2 billion."
This is a global/international case not involving a specific country.
The background of the exchange platform, service, or individuals involved, as it would have been seen or understood at the time of the events.
Include:
- Known history of when and how the service was started.
- What problems does the company or service claim to solve?
- What marketing materials were used by the firm or business?
- Audits performed, and excerpts that may have been included.
- Business registration documents shown (fake or legitimate).
- How were people recruited to participate?
- Public warnings and announcements prior to the event.
Don't Include:
- Any wording which directly states or implies that the business is/was illegitimate, or that a vulnerability existed.
- Anything that wasn't reasonably knowable at the time of the event.
There could be more than one section here. If the same platform is involved with multiple incidents, then it can be linked to a main article page.
The Reality
This sections is included if a case involved deception or information that was unknown at the time. Examples include:
- When the service was actually started (if different than the "official story").
- Who actually ran a service and their own personal history.
- How the service was structured behind the scenes. (For example, there was no "trading bot".)
- Details of what audits reported and how vulnerabilities were missed during auditing.
What Happened
The specific events of the loss and how it came about. What actually happened to cause the loss and some of the events leading up to it.
| Date | Event | Description |
|---|---|---|
| April 3rd, 2024 4:38:00 AM MDT | Gratitute To Colleagues | Robinson Burkey posts how grateful he is to be working alongside his team. |
| April 3rd, 2024 7:29:00 AM MDT | Go Claim Your W | Robinson Burkey reposts a tweet with a request for users to "Go claim [their] W". |
| April 3rd, 2024 8:09:00 AM MDT | Modular March Video | Modular March promotes "an educational initiative" which is announcing the launch of the Wormhole W token. This explains the role of the W token in the wormhole protocol. Connecting across 30 different chains. The token will control governance of the protocol. Multi-chain voting. |
| April 3rd, 2024 3:57:00 PM MDT | One Phishing Link | The approximate time of one of the phishing links being posted. |
| April 3rd, 2024 4:06:00 PM MDT | Warning Post | UnfungibleHuman posts a warning about the account baing hacked and a screenshot of the tweet which was posted. |
| April 3rd, 2024 5:46:44 PM MDT | Desk3 Article | Desk3 posts a warning about the breached Twitter account. |
| April 3rd, 2024 7:08:00 PM MDT | DexBot Warning | DexBot posts to warn users not to click on any Tweets. |
| April 4th, 2024 7:41:00 AM MDT | I'm Back Tweet | Without any details, Robinson Burkey simply mentions that he's back. |
| April 20th, 2024 2:38:19 PM MDT | Website Captured As Online | The wormhole distribution website is captured to be online. |
Technical Details
This section includes specific detailed technical analysis of any security breaches which happened. What specific software vulnerabilities contributed to the problem and how were they exploited?
Total Amount Lost
The total amount lost is unknown.
How much was lost and how was it calculated? If there are conflicting reports, which are accurate and where does the discrepancy lie?
Immediate Reactions
How did the various parties involved (firm, platform, management, and/or affected individual(s)) deal with the events? Were services shut down? Were announcements made? Were groups formed?
Ultimate Outcome
What was the end result? Was any investigation done? Were any individuals prosecuted? Was there a lawsuit? Was any tracing done?
Total Amount Recovered
There do not appear to have been any funds recovered in this case.
What funds were recovered? What funds were reimbursed for those affected users?
Ongoing Developments
What parts of this case are still remaining to be concluded?
Individual Prevention Policies
No specific policies for individual prevention have yet been identified in this case.
For the full list of how to protect your funds as an individual, check our Prevention Policies for Individuals guide.
Platform Prevention Policies
Policies for platforms to take to prevent this situation have not yet been selected in this case.
For the full list of how to protect your funds as a financial service, check our Prevention Policies for Platforms guide.
Regulatory Prevention Policies
No specific regulatory policies have yet been identified in this case.
For the full list of regulatory policies that can prevent loss, check our Prevention Policies for Regulators guide.
References
- ↑ SlowMist Hacked - SlowMist Zone (May 1, 2024)
- ↑ Wayback Machine (May 2, 2024)
- ↑ The founder's Wormhole account was hacked, posting fake news about the airdrop (May 2, 2024)
- ↑ Wormhole co creation Robinson Burkey Twitter account has been hacked, please do not click on any link | Desk3 一个web3交易工具 (May 2, 2024)
- ↑ Coinbay on LinkedIn: The founder's Wormhole account was hacked, posting fake news about the… (May 2, 2024)
- ↑ Wormhole co creation Robinson Burkey Twitter account has been hacked, please do not click on any link | Desk3 is a web3 trading tool (May 2, 2024)
- ↑ @unfungiblehuman Twitter (May 2, 2024)
- ↑ @RobinsonBurkey Twitter (May 2, 2024)
- ↑ @RobinsonBurkey Twitter (May 2, 2024)
- ↑ @therollupco Twitter (May 2, 2024)
- ↑ https://www.bitget.com/news/detail/12560603953942 (May 2, 2024)