Immutable Discord Server Account Compromise

From Quadriga Initiative Cryptocurrency Hacks, Scams, and Frauds Repository
Revision as of 18:55, 24 October 2024 by Azoundria (talk | contribs) (Created page with "{{Imported Case Study With About|source=https://www.quadrigainitiative.com/casestudy/immutablediscordserveraccountcompromise.php}} {{Unattributed Sources}} thumb|Immutable Logo/HomepageImmutable is a platform to assist with bringing games online to be played in a decentralized manner. On September 23rd, the Immutable Discord server was hacked, with a phishing link posted, resulting in one user losing the funds from their wallet. The Immutable t...")
(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)
Jump to navigation Jump to search

Notice: This page is a freshly imported case study from an original repository. While the original content had a similar format, some sections may not have been fully completed. Please help fill in any empty sections or any missing information you can find. If you are new here, please read General Tutorial on Wikis or Anatomy of a Case Study for help getting started.

Notice: This page contains sources which are not attributed to any text. The unattributed sources follow the initial description. Please assist by visiting each source, reviewing the content, and placing that reference next to any text it can be used to support. Feel free to add any information that you come across which isn't present already. Sources which don't contain any relevant information can be removed. Broken links can be replaced with versions from the Internet Archive. See General Tutorial on Wikis, Anatomy of a Case Study, and/or Citing Your Sources Guide for additional information. Thanks for your help!

Immutable Logo/Homepage

Immutable is a platform to assist with bringing games online to be played in a decentralized manner. On September 23rd, the Immutable Discord server was hacked, with a phishing link posted, resulting in one user losing the funds from their wallet. The Immutable team made that user whole, and publibly shared the incident on Discord. They later shared information on Twitter as well.[1][2][3][4][5][6][7][8][9]

About Immutable

"Immerse yourself in an uncharted world of Web3 gaming, where creativity and innovation collide. Experience the depth and wonder of Web3 gaming on Immutable and reshape the future of play."

"The Immutable Group consists of the Immutable Platform, the preferred developer platform for building & scaling web3 games on Ethereum, and Immutable Games, a global leader in web3 game development and publishing with leading titles Gods Unchained and Guild of Guardians.

Co-founded by James Ferguson, Robbie Ferguson and Alex Connolly in 2018, Immutable is headquartered in Sydney with a team of over 240+ leading technologists, creators and innovators, and backed by top transformational tech investors like BITKRAFT Ventures, King River Capital, AirTree, Temasek, Coinbase and more."

The Reality

This sections is included if a case involved deception or information that was unknown at the time. Examples include:

  • When the service was actually started (if different than the "official story").
  • Who actually ran a service and their own personal history.
  • How the service was structured behind the scenes. (For example, there was no "trading bot".)
  • Details of what audits reported and how vulnerabilities were missed during auditing.

What Happened

"The Immutable Discord server was compromised. According to an official tweet from Immutable, a community support contractor’s Discord was compromised, leading to a phishing link being posted."

Key Event Timeline - Immutable Discord Server Account Compromise
Date Event Description
September 21st, 2024 10:05:00 AM MDT Immutable Awareness Of Incident According to their post-mortem the Immutable team became aware of the incident at this time.
September 21st, 2024 2:55:00 PM MDT Public Announcement By Illuvium Illuvium posts on Twitter to inform about the report they received about the breached server.
September 22nd, 2024 10:00:00 AM MDT Another Beautiful Day For Gaming The Immutable team posts that it's another beautiful day for gaming on their Twitter.
September 23rd, 2024 1:24:00 AM MDT ZachXBT Calls Out The Team ZachXBT calls out the Immutable team for not sharing any details of the exploit.
September 23rd, 2024 4:52:00 AM MDT Immutable Team Posts Announcement The I

Technical Details

This section includes specific detailed technical analysis of any security breaches which happened. What specific software vulnerabilities contributed to the problem and how were they exploited?

Total Amount Lost

The total amount lost is unknown.

How much was lost and how was it calculated? If there are conflicting reports, which are accurate and where does the discrepancy lie?

Immediate Reactions

"Rangers,

We’ve been notified that the @Immutable Discord has been compromised. For your safety, do not interact with any messages, links, or claims from their Discord regarding support or offers until an official "all clear" is issued.

Stay safe, and we’ll keep you updated as we learn more."

Ultimate Outcome

"An Immutable employee posted in our discord within 2 hours of the incident, with the issue contained, but clearly we can retro how we publicly share comms. For full transparency, here is our security team’s summary.

At 4:05 PM UTC on 21 Sep 2024, a community support contractor’s Discord was compromised leading to a phishing link being posted.

One user clicked the link and was phished for a small amount. They have raised a ticket and we have offered to fully reimburse them.

We take security seriously. The incident was contained within 1 hour and 18 minutes from posting with offending posts being deleted, users removed, and the discord community being notified and warned by our internal employee. Our team then notified our takedown provider Doppel about the site (which as of now is not resolvable via DNS).

@zachxbt thanks for the message, and for your service to crypto generally. We are constantly seeking to improve."

Total Amount Recovered

The total amount recovered is unknown.

What funds were recovered? What funds were reimbursed for those affected users?

Ongoing Developments

What parts of this case are still remaining to be concluded?

Individual Prevention Policies

No specific policies for individual prevention have yet been identified in this case.

For the full list of how to protect your funds as an individual, check our Prevention Policies for Individuals guide.

Platform Prevention Policies

Policies for platforms to take to prevent this situation have not yet been selected in this case.

For the full list of how to protect your funds as a financial service, check our Prevention Policies for Platforms guide.

Regulatory Prevention Policies

No specific regulatory policies have yet been identified in this case.

For the full list of regulatory policies that can prevent loss, check our Prevention Policies for Regulators guide.

References

  1. @Immutable Twitter (Accessed Oct 24, 2024)
  2. Immutable | Powering The Next Generation Of Web3 Games (Accessed Oct 24, 2024)
  3. Immutable | Advancing The Next Generation Of Web3 Games (Accessed Oct 24, 2024)
  4. @zachxbt Twitter (Accessed Oct 24, 2024)
  5. @Immutable Twitter (Accessed Oct 24, 2024)
  6. @SnoopX_ai Twitter (Accessed Oct 24, 2024)
  7. @SnoopX_ai Twitter (Accessed Oct 24, 2024)
  8. @illuviumio Twitter (Accessed Oct 24, 2024)
  9. @aulijk Twitter (Accessed Oct 24, 2024)
Retrieved from "https://quadrigainitiative.com/cryptocurrencyhackscamfraudwiki/index.php?title=Immutable_Discord_Server_Account_Compromise&oldid=6259"