DAWN Internet Twitter/X Account Token Phishing Attacks

From Quadriga Initiative Cryptocurrency Hacks, Scams, and Frauds Repository
Jump to navigation Jump to search

Notice: This page is a freshly imported case study from an original repository. While the original content had a similar format, some sections may not have been fully completed. Please help fill in any empty sections or any missing information you can find. If you are new here, please read General Tutorial on Wikis or Anatomy of a Case Study for help getting started.

Notice: This page contains sources which are not attributed to any text. The unattributed sources follow the initial description. Please assist by visiting each source, reviewing the content, and placing that reference next to any text it can be used to support. Feel free to add any information that you come across which isn't present already. Sources which don't contain any relevant information can be removed. Broken links can be replaced with versions from the Internet Archive. See General Tutorial on Wikis, Anatomy of a Case Study, and/or Citing Your Sources Guide for additional information. Thanks for your help!

Dawn Internet Logo/Homepage

DAWN is a decentralized wireless network allowing users to buy and sell internet capacity locally, enabling them to act as their own internet providers. It uses a trustless exchange system based on proof of backhaul, location, and frequency. Users can participate by running a DAWN Validator extension and earn rewards for maintaining the network. Recently, DAWN’s Twitter/X account was compromised in phishing attacks involving fake airdrops, a new Solana token, and a Telegram group promoting a malicious phishing plugin. While the account was restored and security measures were implemented, it does not appear that any assistance was offered to affected users, and the full extent of the losses remains unclear. DAWN continues to operate.[1][2][3][4][5][6][7][8][9][10][11][12][13][14]

About Dawn Internet

DAWN is a decentralized wireless network that enables users to buy and sell internet capacity within their local area, effectively allowing individuals to act as their own internet providers. Through a protocol and hardware setup, DAWN fosters a trustless exchange system, relying on proof of backhaul, location, and frequency. Users can participate in the network by running a DAWN Validator extension, earning rewards for helping to maintain the network through proof of bandwidth and coverage. The system integrates with Helium to create a community-owned internet.

The Reality

Unfortunately, it appears that Dawn Internet did not secure their Twitter/X account.

What Happened

A series of phishing attacks were posted against followers of Dawn Internet.

Key Event Timeline - DAWN Internet Twitter/X Account Token Phishing Attacks
Date Event Description
January 14th, 2025 9:51:00 PM MST Scam Sniffer Tweet Warning 1 Scam Sniffer posts a warning about the compromised account on Twitter/X. At this time, they share a screenshot of an airdrop scam, where users are given the chance to check eligibility in an airdrop. That involves connecting their wallet with full approval to drain it.
January 14th, 2025 11:24:00 PM MST Scam Sniffer Tweet Warning 2 Scam Sniffer posts another warning. It appears that the hackers are now launching a token on Solana. They hold a large quantity of the token, and will ultimately sell once the market cap is large enough.
January 15th, 2025 1:43:00 AM MST Scam Sniffer Tweet Warning 3 Scam sniffer posts their final warning. It appears that the hacker is requesting the community to join a new Telegram group. The new Telegram group will prompt them to engage with a malicious Safeguard bot, which will attemp to phish their login details.
January 15th, 2025 3:06:00 PM MST DAWN Announces Account Recovery Dawn Internet posts an announcement on their Twitter/X to report that they have recovered access to their account.

Technical Details

The attacks consisted of the typical cases.

An airdrop was announced and users could check their eligibility. If users tried to do this, they were required to give full approval to their wallet, which would drain the funds.

There was a new token launched on Solana, which claimed to be related to Dawn Internet. Attackers acquired a large quantity of the token. Once this token gained a large enough market capitalization, the token was dumped on all users.

Finally, the hackers announced a new Telegram group for Dawn Internet followers. When followers attempted to join this Telegram group, they would be greeted by a verification bot. This verification bot required them to provide permissions, which would take over their Telegram account and could potentially by used for spamming.

Total Amount Lost

The full extent of losses from this incident are not well known.

The total amount lost is unknown.

Immediate Reactions

Real Scam Sniffers posted a number of warnings for the community. It appears that many users were affected despite these warnings.

"According to Scam Sniffer's monitoring, the X account of the decentralized autonomous wireless network project DAWN was compromised and used to post phishing tweets."

Ultimate Outcome

"Access to the DAWN account has been restored to the DAWN team and full security measures are in place. Thank you for your cooperation and patience."

Total Amount Recovered

It does not appear that Dawn Internet has done anything to assist any affected users, despite multiple community members inquiring about this possibility.

There do not appear to have been any funds recovered in this case.

Ongoing Developments

Dawn Internet continues to run and launched.

Individual Prevention Policies

No specific policies for individual prevention have yet been identified in this case.

For the full list of how to protect your funds as an individual, check our Prevention Policies for Individuals guide.

Platform Prevention Policies

Policies for platforms to take to prevent this situation have not yet been selected in this case.

For the full list of how to protect your funds as a financial service, check our Prevention Policies for Platforms guide.

Regulatory Prevention Policies

No specific regulatory policies have yet been identified in this case.

For the full list of regulatory policies that can prevent loss, check our Prevention Policies for Regulators guide.

References

  1. Real Scam Sniffer - "@dawninternet was compromised and posted phishing tweets." - Twitter/X (Accessed Mar 7, 2025)
  2. Real Scam Sniffer - "Scammers now post CA instead of phishing links" - Twitter/X (Accessed Mar 7, 2025)
  3. Real Scam Sniffer - "Now changed to post the Telegram channel that contains malicious Safeguard bots asking you to login to Telegram." - Twitter/X (Accessed Mar 7, 2025)
  4. Dawn Internet - "Access to the DAWN account has been restored to the DAWN team and full security measures are in place. Thank you for your cooperation and patience." - Twitter/X (Accessed Mar 7, 2025)
  5. @Coin8_Exchange Twitter (Accessed Mar 7, 2025)
  6. @Ahmad_Masood94 Twitter (Accessed Mar 7, 2025)
  7. @ezzyeah Twitter (Accessed Mar 7, 2025)
  8. @AtlasDraggon Twitter (Accessed Mar 7, 2025)
  9. @XenonCaspian Twitter (Accessed Mar 7, 2025)
  10. @solanasapien Twitter (Accessed Mar 7, 2025)
  11. @0xAlladin Twitter (Accessed Mar 7, 2025)
  12. @TheGreatPupdini Twitter (Accessed Mar 7, 2025)
  13. @Ahmad_Masood94 Twitter (Accessed Mar 7, 2025)
  14. @kristopherlukas Twitter (Accessed Mar 7, 2025)
Retrieved from "https://quadrigainitiative.com/cryptocurrencyhackscamfraudwiki/index.php?title=DAWN_Internet_Twitter/X_Account_Token_Phishing_Attacks&oldid=6602"