Avalanche Official Discord Compromise Fake Airdrop

From Quadriga Initiative Cryptocurrency Hacks, Scams, and Frauds Repository
Jump to navigation Jump to search

Notice: This page is a freshly imported case study from an original repository. While the original content had a similar format, some sections may not have been fully completed. Please help fill in any empty sections or any missing information you can find. If you are new here, please read General Tutorial on Wikis or Anatomy of a Case Study for help getting started.

Notice: This page contains sources which are not attributed to any text. The unattributed sources follow the initial description. Please assist by visiting each source, reviewing the content, and placing that reference next to any text it can be used to support. Feel free to add any information that you come across which isn't present already. Sources which don't contain any relevant information can be removed. Broken links can be replaced with versions from the Internet Archive. See General Tutorial on Wikis, Anatomy of a Case Study, and/or Citing Your Sources Guide for additional information. Thanks for your help!

Avalanche Logo/Homepage

Avalanche is an innovative blockchain which is designed to be fast and scalable, without sacrificing security. On August 25th, their official Discord channel started promoting an airdrop that was supposedly going to distribute 4% of the total supply of AVAX to participants. In reality, the Discord server had been taken over, the site was unrelated to Avalanche, and anyone who attempted to participate would have their wallet drained. It is unclear if any users fell for the scam. The server was secured within a couple of hours andbrought back online later in the day.[1][2][3][4][5][6][7][8][9][10][11][12][13][14][15][16][17][18][19][20][21][22][23][24][25][26][27][28][29][30][31][32][33][34][35][36][37][38][39][40][41][42][43][44][45][46][47][48][49][50][51][52][53][54][55][56][57][58][59][60][61][62][63][64][65][66][67][68][69][70][71][72][73][74][75][76][77][78][79][80][81][82][83][84][85][86][87][88][89][90][91][92][93][94][95][96][97]

About Avalanche

"Build anything you want, any way you want on the lightning fast, scalable blockchain that won’t let you down. Choosing the wrong blockchain can kill your dApp before it ever has a chance to succeed, but it doesn’t have to be this way. Launch with confidence on Avalanche." "Avalanche has the advanced tooling you need to accelerate from idea to launch. Don’t miss out because it took too long to deploy on Mainnet. Take advantage of the low-code tooling and configurability that makes it easy to launch your Web3 innovation in less than 60 seconds."

"Subnets set a new bar for scalability, without sacrificing speed, reliability, and security. Users hate waiting. Scaling at the cost of performance or security is not an option. Avalanche’s novel architecture allows for a universe of independent, but interconnected, blockchains that are all validated and kept secure by dynamic subsets of validators." "Over the last year, tens of thousands of people came together at Avalanche events worldwide. As one of the industry’s most diverse and supportive communities, Avalanche boasts members from all walks of life, with over 18 languages supported across the 1M+ strong online community."

"The Avalanche $AVAX Token Distribution Has Started! It's time to launch the distribution phase of the $AVAX program. Holder & community members are free to claim below on our claim portal. $AVAX - 4% of initial supply will be distribute to all community members & campaign participants. We hope to see everyone participate & a huge thank you to the community and everyone who made this possible!"

The Reality

This sections is included if a case involved deception or information that was unknown at the time. Examples include:

  • When the service was actually started (if different than the "official story").
  • Who actually ran a service and their own personal history.
  • How the service was structured behind the scenes. (For example, there was no "trading bot".)
  • Details of what audits reported and how vulnerabilities were missed during auditing.

What Happened

The specific events of the loss and how it came about. What actually happened to cause the loss and some of the events leading up to it.

Key Event Timeline - Avalanche Official Discord Compromise Fake Airdrop
Date Event Description
August 25th, 2024 10:37:00 AM MDT Timestamp Of Phishing Post According to a post by CapricornCrypto, the timestamp of the phishing post is 13:37 PM, presumably eastern time.
August 25th, 2024 10:43:00 AM MDT First Twitter Mention X user jt_squared2 notes that it "[l]ooks like the @Avax Discord server may have been compromised" and advices users not to click on any links.
August 25th, 2024 10:49:00 AM MDT Discord Hacked With Screenshot X user CapricornCrypto shares a notice and screenshot of the Discord hack on Twitter.
August 25th, 2024 10:59:00 AM MDT Discord Definitely Hacked X user 0x7ama declares the discord is hacked. X user Lando notes shortly thereafter that the Discord has definitely been hacked at this point.
August 25th, 2024 11:02:00 AM MDT Hack Screenshot Posted X user AliTslm posts a screenshot of the phishing posts present on Discord, which are impersonating one of the moderators named Chimba.
August 25th, 2024 11:23:00 AM MDT Hacked Over An Hour A Tweet on X by paperX_Art describes that the Discord has been hacked for "over an hour" and asks if the team can do something about it.
August 25th, 2024 11:23:00 AM MDT Twitter Post About Breach In a Twitter post, Avalanche issues a "SECURITY ALERT" since the "official Avalanche Discord has been compromised". The community is advised not to "interact with any accounts or click any links until further notice".
August 25th, 2024 11:45:00 AM MDT Chimba Was Not Hacked Chimba, the moderator to whom the airdrop is attributed, posts on X to notify that the team is aware and that their account was not what was hacked. "My account was not hacked. There were a number of accounts created with slightly different usernames."
August 25th, 2024 12:13:00 PM MDT Issue Apparently Resolved "We found the issue and we have it resolved. In the process we had to delete/remove suspected channels and roles just to name a few. We will work diligently to get everything back to normal. Thank you for your patience."
August 25th, 2024 1:05:00 PM MDT Officially Secured Confirmation The official Avalanche Twitter account reports that the Twitter has been "resecured". The community managers will relaunch the Discord when they feel it's appropriate.
August 25th, 2024 2:18:00 PM MDT Speculation Of Polygon Relationship A Twitter discussion of whether the Avalanche and recent Polygon Discord account breaches are related.

Technical Details

URL Of Scam Site: avaxsnetwork.com/claims

Total Amount Lost

The total amount lost is unknown.

How much was lost and how was it calculated? If there are conflicting reports, which are accurate and where does the discrepancy lie?

Immediate Reactions

"In an Aug. 25 post to X, the official account for Avalanche shared that its Discord server had been compromised and urged users not to interact with or click on any links.

According to screenshots shared by members of the Avalanche Discord on X, the attackers posted several links to sham “distribution” schemes for Avalanche tokens, claiming that holders and community members could claim free AVAX."

Ultimate Outcome

"An hour later, Avalanche’s community lead, Ben Well, wrote that the Avalanche team had “found” the issue and resolved it. He added that the team was working to restore the server to normal."

"UPDATE: The official Avalanche Discord has been resecured and will reopen when CMs deem appropriate."

Total Amount Recovered

There do not appear to have been any funds recovered in this case.

What funds were recovered? What funds were reimbursed for those affected users?

Ongoing Developments

What parts of this case are still remaining to be concluded?

Individual Prevention Policies

No specific policies for individual prevention have yet been identified in this case.

For the full list of how to protect your funds as an individual, check our Prevention Policies for Individuals guide.

Platform Prevention Policies

Policies for platforms to take to prevent this situation have not yet been selected in this case.

For the full list of how to protect your funds as a financial service, check our Prevention Policies for Platforms guide.

Regulatory Prevention Policies

No specific regulatory policies have yet been identified in this case.

For the full list of regulatory policies that can prevent loss, check our Prevention Policies for Regulators guide.

References

  1. SlowMist Hacked - SlowMist Zone (Accessed Sep 18, 2024)
  2. @alexanderchopan Twitter (Accessed Sep 18, 2024)
  3. @BowTiedPickle Twitter (Accessed Sep 18, 2024)
  4. Avalanche、ZKsync官方Discord服务器遭遇攻击 - PANews (Accessed Sep 18, 2024)
  5. https://cointelegraph.com/news/polygon-discord-scam-hits-avalanche-zksync-hours-later (Accessed Sep 18, 2024)
  6. Polygon discord compromise hits Avalanche, ZKsync hours later (Accessed Sep 18, 2024)
  7. Avalanche and ZKsync Discord Servers Compromised (Accessed Sep 18, 2024)
  8. @CoinnessGL Twitter (Accessed Sep 18, 2024)
  9. @avax Twitter (Accessed Sep 19, 2024)
  10. @avax Twitter (Accessed Sep 19, 2024)
  11. @RealAlCrypto Twitter (Accessed Sep 19, 2024)
  12. @MaskaraChico Twitter (Accessed Sep 18, 2024)
  13. @jt_squared2 Twitter (Accessed Sep 19, 2024)
  14. @CapricornCrypto Twitter (Accessed Sep 19, 2024)
  15. @AliTslm Twitter (Accessed Sep 19, 2024)
  16. @paperX_Art Twitter (Accessed Sep 19, 2024)
  17. @Echoeweb Twitter (Accessed Sep 19, 2024)
  18. @Kerberus Twitter (Accessed Sep 19, 2024)
  19. @stogchog Twitter (Accessed Sep 19, 2024)
  20. @Dave_Ster_ Twitter (Accessed Sep 19, 2024)
  21. @SemperCry Twitter (Accessed Sep 19, 2024)
  22. @Ryan_Lpe Twitter (Accessed Sep 19, 2024)
  23. @LandoAlpha Twitter (Accessed Sep 19, 2024)
  24. @DerekSilva Twitter (Accessed Sep 19, 2024)
  25. @lisavax1 Twitter (Accessed Sep 19, 2024)
  26. @0x7ama Twitter (Accessed Sep 19, 2024)
  27. @0xWichita Twitter (Accessed Sep 19, 2024)
  28. @whaleclubcom Twitter (Accessed Sep 19, 2024)
  29. @LandoAlpha Twitter (Accessed Sep 19, 2024)
  30. @DocDinDoNun Twitter (Accessed Sep 19, 2024)
  31. @DegenerateNews Twitter (Accessed Sep 19, 2024)
  32. @FreedomXarokk Twitter (Accessed Sep 19, 2024)
  33. @RYAN_ATHI Twitter (Accessed Sep 19, 2024)
  34. @VoiceofCrypto2 Twitter (Accessed Sep 19, 2024)
  35. @KaneLeVrai Twitter (Accessed Sep 19, 2024)
  36. @ChainAffairs Twitter (Accessed Sep 19, 2024)
  37. @Patrick_DefiGuy Twitter (Accessed Sep 19, 2024)
  38. @TRinzlerx Twitter (Accessed Sep 19, 2024)
  39. @chiknskull Twitter (Accessed Sep 19, 2024)
  40. @Ryan_Triumph Twitter (Accessed Sep 19, 2024)
  41. @DRiidduu Twitter (Accessed Sep 19, 2024)
  42. @WeAreCutiePies Twitter (Accessed Sep 19, 2024)
  43. @JustnThePhotog Twitter (Accessed Sep 19, 2024)
  44. @CryptoBenelux1 Twitter (Accessed Sep 19, 2024)
  45. @xmrware Twitter (Accessed Sep 19, 2024)
  46. @crypto_inning Twitter (Accessed Sep 19, 2024)
  47. @cryptochimba Twitter (Accessed Sep 19, 2024)
  48. @ismeidyfinanzas Twitter (Accessed Sep 19, 2024)
  49. @_ZoneCrypto_ Twitter (Accessed Sep 19, 2024)
  50. @restu_danar Twitter (Accessed Sep 19, 2024)
  51. @AvaxNG Twitter (Accessed Sep 19, 2024)
  52. @mindfrozentime Twitter (Accessed Sep 19, 2024)
  53. @rivxlabs Twitter (Accessed Sep 19, 2024)
  54. @Bitguacamole Twitter (Accessed Sep 19, 2024)
  55. @Cryptooriider Twitter (Accessed Sep 19, 2024)
  56. @TheCryptoBlade Twitter (Accessed Sep 19, 2024)
  57. @grenvilleriley Twitter (Accessed Sep 19, 2024)
  58. @Avalanche_pt Twitter (Accessed Sep 19, 2024)
  59. @CryptoniteUae Twitter (Accessed Sep 19, 2024)
  60. @0xRouss Twitter (Accessed Sep 18, 2024)
  61. @Wrathtank_avax Twitter (Accessed Sep 19, 2024)
  62. @realtombibiyan Twitter (Accessed Sep 19, 2024)
  63. @GenesisBchain Twitter (Accessed Sep 19, 2024)
  64. @JanSebaTrach Twitter (Accessed Sep 19, 2024)
  65. @TheTonLad Twitter (Accessed Sep 19, 2024)
  66. @OddSorce Twitter (Accessed Sep 19, 2024)
  67. @chicamaterialok Twitter (Accessed Sep 19, 2024)
  68. @avaxspaces Twitter (Accessed Sep 19, 2024)
  69. @Jon_HQ Twitter (Accessed Sep 18, 2024)
  70. @The_NewsCrypto Twitter (Accessed Sep 19, 2024)
  71. @whoaminev Twitter (Accessed Sep 19, 2024)
  72. @AlphasOfAvax Twitter (Accessed Sep 19, 2024)
  73. @fernandoavax Twitter (Accessed Sep 19, 2024)
  74. @De_FiSecurity Twitter (Accessed Sep 19, 2024)
  75. @GenesisBchain Twitter (Accessed Sep 19, 2024)
  76. @Crypto_on_Grafa Twitter (Accessed Sep 19, 2024)
  77. @kostaszrk Twitter (Accessed Sep 19, 2024)
  78. @Prism_Blocks Twitter (Accessed Sep 19, 2024)
  79. @DasAbhyudoy Twitter (Accessed Sep 19, 2024)
  80. @Daily_Cripto Twitter (Accessed Sep 19, 2024)
  81. @tdlintern Twitter (Accessed Sep 19, 2024)
  82. @WEBMASTERMIND1 Twitter (Accessed Sep 19, 2024)
  83. @InvezzPortal Twitter (Accessed Sep 19, 2024)
  84. @todayindefi Twitter (Accessed Sep 19, 2024)
  85. @esatoshiclub Twitter (Accessed Sep 19, 2024)
  86. @ItsBitcoinWorld Twitter (Accessed Sep 19, 2024)
  87. @XGroked Twitter (Accessed Sep 19, 2024)
  88. @Rahim_mahtab Twitter (Accessed Sep 19, 2024)
  89. @AngryCrypt0 Twitter (Accessed Sep 19, 2024)
  90. @xavierverse Twitter (Accessed Sep 19, 2024)
  91. @FXScrypto Twitter (Accessed Sep 19, 2024)
  92. @CertiKAlert Twitter (Accessed Sep 19, 2024)
  93. @beincrypto_es Twitter (Accessed Sep 19, 2024)
  94. @BlackchaiNews Twitter (Accessed Sep 19, 2024)
  95. @TrustVikstar Twitter (Accessed Sep 19, 2024)
  96. @cryptoMODerator Twitter (Accessed Sep 19, 2024)
  97. @voicelark Twitter (Accessed Sep 19, 2024)
Retrieved from "https://quadrigainitiative.com/cryptocurrencyhackscamfraudwiki/index.php?title=Avalanche_Official_Discord_Compromise_Fake_Airdrop&oldid=6126"