1inch Official Discord Phishing Links

From Quadriga Initiative Cryptocurrency Hacks, Scams, and Frauds Repository
Jump to navigation Jump to search

Notice: This page is a freshly imported case study from an original repository. While the original content had a similar format, some sections may not have been fully completed. Please help fill in any empty sections or any missing information you can find. If you are new here, please read General Tutorial on Wikis or Anatomy of a Case Study for help getting started.

Notice: This page contains sources which are not attributed to any text. The unattributed sources follow the initial description. Please assist by visiting each source, reviewing the content, and placing that reference next to any text it can be used to support. Feel free to add any information that you come across which isn't present already. Sources which don't contain any relevant information can be removed. Broken links can be replaced with versions from the Internet Archive. See General Tutorial on Wikis, Anatomy of a Case Study, and/or Citing Your Sources Guide for additional information. Thanks for your help!

1inch Logo/Homepage

1inch offers a wallet to assist with storing crypto and a swapping service which assists with exchanging one asset to another. According to SlowMist, the official Discord channel of 1inch was breached and used to promote a phishing link as part of a fake airdrop. There does not appear to be any official news from the 1inch team and very few sources have subsequently reported or confirmed the breach.[1][2][3][4][5][6][7][8][9][10]

About 1inch

"One-stop access to decentralized finance" "Optimize your trades across hundreds of DEXes on multiple networks" "A tool for swapping tokens across any network and placing on-chain limit orders securely, at the best rate." "The most powerful mobile app for managing your assets and exploring Web3." "A cutting-edge tracking tool offering accurate, detailed and well-organized crypto portfolio information."

"1inch is dedicated to advancing a secure and compliant DeFi ecosystem. By uniting with forefront security and compliance specialists, we set the standard for safety and compliance, ensuring our users navigate the DeFi space with confidence."

"1inch is excited to finally reveal the news of our Rewards Program!. By using 1inch for your swaps, you're not only getting the best rates but also earning rewards! Keep using 1inh for your swaps to maximize your rewards. The more you swap, the more you earn!

For our Epoch 1Rewards Program distribution, not only are 1inch users eligible, but anyone in the EVM ecosystem. Over 5,000,000 $1NCH tokens are set to be distributed over our first reward period."

Who's eligible? Active users of the 1inch platform & engaged community members.

How to check eligibility? Visit our claim portal and connect your wallet ro see if you qualify."

The Reality

This sections is included if a case involved deception or information that was unknown at the time. Examples include:

  • When the service was actually started (if different than the "official story").
  • Who actually ran a service and their own personal history.
  • How the service was structured behind the scenes. (For example, there was no "trading bot".)
  • Details of what audits reported and how vulnerabilities were missed during auditing.

What Happened

"According to monitoring by the SlowMist security team, the official 1inch Discord appears to have been hacked, and phishing links have been posted. Please be cautious with your funds."

Key Event Timeline - 1inch Official Discord Phishing Links
Date Event Description
August 27th, 2024 7:54:26 PM MDT Internet Archive Capture A capture of the phishing site is taken/saved via the internet archive.
August 27th, 2024 9:59:00 PM MDT SlowMist Incident Tweet The SlowMist security team posts a notice about the hack, including screenshots which were captured of the phishing attack itself.
August 27th, 2024 10:33:36 PM MDT Binance Square Post Binance Square reposts the news, referencing both MistTrack and TechFlow.
August 27th, 2024 11:15:00 PM MDT CoinNess Retweet CoinNess retweets the original post on their account.

Technical Details

This section includes specific detailed technical analysis of any security breaches which happened. What specific software vulnerabilities contributed to the problem and how were they exploited?

Total Amount Lost

The total amount lost is unknown.

How much was lost and how was it calculated? If there are conflicting reports, which are accurate and where does the discrepancy lie?

Immediate Reactions

"MistTrack, a crypto tracking and compliance platform developed by blockchain cybersecurity firm SlowMist, reported on X that the official Discord channel of the decentralized exchange aggregator 1Inch is suspected of being hacked."

"According to TechFlow, according to MistTrack monitoring, 1inch's official Discord is suspected to have been hacked and phishing links have been released. Please pay attention to the security of your funds."

"According to Foresight News, MistTrack has reported that the official Discord server of 1inch appears to have been compromised by hackers. The attackers have allegedly posted phishing links on the server, posing a significant risk to users. Members of the 1inch community are advised to exercise caution and avoid clicking on any suspicious links until the issue is resolved."

Ultimate Outcome

What was the end result? Was any investigation done? Were any individuals prosecuted? Was there a lawsuit? Was any tracing done?

Total Amount Recovered

There do not appear to have been any funds recovered in this case.

What funds were recovered? What funds were reimbursed for those affected users?

Ongoing Developments

What parts of this case are still remaining to be concluded?

Individual Prevention Policies

No specific policies for individual prevention have yet been identified in this case.

For the full list of how to protect your funds as an individual, check our Prevention Policies for Individuals guide.

Platform Prevention Policies

Policies for platforms to take to prevent this situation have not yet been selected in this case.

For the full list of how to protect your funds as a financial service, check our Prevention Policies for Platforms guide.

Regulatory Prevention Policies

No specific regulatory policies have yet been identified in this case.

For the full list of regulatory policies that can prevent loss, check our Prevention Policies for Regulators guide.

References

  1. SlowMist Hacked - SlowMist Zone (Accessed Sep 20, 2024)
  2. @MistTrack_io Twitter (Accessed Sep 20, 2024)
  3. @CoinnessGL Twitter (Accessed Sep 20, 2024)
  4. 1inch Network | Leading high capital efficient DeFi protocols (Accessed Jul 19, 2023)
  5. https://www.binance.com/en/square/post/2024-08-28-1inch-discord-12763349228730 (Accessed Sep 20, 2024)
  6. 1inch Official Discord Suspected of Hacking Incident (Accessed Sep 20, 2024)
  7. @ItsBitcoinWorld Twitter (Accessed Sep 20, 2024)
  8. Phishing Alert: 1inch Discord Compromised | Flash News Detail | Blockchain.News (Accessed Sep 20, 2024)
  9. https://www.binance.com/en-AU/square/post/2024-08-28-1inch-official-discord-suspected-of-hacking-incident-12763368226258 (Accessed Sep 20, 2024)
  10. https://web.archive.org/web/20240828015426/1inchio.app/rewardsclaim/ (Accessed Sep 20, 2024)
Retrieved from "https://quadrigainitiative.com/cryptocurrencyhackscamfraudwiki/index.php?title=1inch_Official_Discord_Phishing_Links&oldid=6132"