Dune Analytics Twitter Phishing Attack

From Quadriga Initiative Cryptocurrency Hacks, Scams, and Frauds Repository
Jump to navigation Jump to search

Notice: This page is a freshly imported case study from the original repository. The original content was in a different format, and may not have relevant information for all sections. Please help restructure the content by moving information from the 'About' section to other sections, and add any missing information or sources you can find. If you are new here, please read General Tutorial on Wikis or Anatomy of a Case Study for help getting started.

Notice: This page contains sources which are not attributed to any text. The unattributed sources follow the initial description. Please assist by visiting each source, reviewing the content, and placing that reference next to any text it can be used to support. Feel free to add any information that you come across which isn't present already. Sources which don't contain any relevant information can be removed. Broken links can be replaced with versions from the Internet Archive. See General Tutorial on Wikis, Anatomy of a Case Study, and/or Citing Your Sources Guide for additional information. Thanks for your help!

Dune Analytics Logo/Homepage

Dune Analytics is a blockchain data platform allowing users to query, visualize, and share data across 30+ blockchains. It boasts over 750,000 insights and community dashboards, offering essential metrics for DeFi, NFTs, and various projects or tokens. Dune Analytics did a legitimately airdrop for "steaming hot turds" to their followers in July 2023, and shortly less than a year later, another airdrop was live on their Twitter for a $DUNE token. However, the platform quickly reported a security breach, and the Dune Airdrop post was only live for about 15 minutes. The Dune team regained control of the account and warned users not to interact with any suspicious links or content shared through their official Twitter account until the issue is resolved. They stated that Dune does not conduct token sales or airdrop activities and urged users to remain vigilant against unauthorized communications.

This is a global/international case not involving a specific country.[1][2][3][4][5][6][7][8][9]

About Dune Analytics

"Crypto’s Data Platform. Query, visualize, share and export data across 30+ blockchains — build together with Web3’s biggest data community."

"Discover 750,000+ insights and community dashboards. Track essential metrics for DeFi, NFTs, and projects or tokens at a granular level." "Ride the compounding wave of the world’s largest Web3 data community. Learn from and build on 800k+ queries and 100k+ dashboards."

"Big News DUNE Community! $DUNE first airdrop is here. All DUNE users have a right to claim a piece of the initial supply of $DUNE."

"The blockchain data analysis platform Dune tweeted that its account was compromised earlier today and a fake post about a Dune Airdrop was live for about 15 minutes. The Dune team now has control over the account again."

"Dune Analytics account appears to be compromised. DO NOT INTERACT WITH THIS LINK! A big tell that this is a scam is the “distribution-dune[.]com” domain which is not a subdomain of the actual http://dune.com domain but a brand new domain expressly created for phishing"

"Dear Dune Community, We are writing to inform you of a critical security concern involving Dune's official Twitter account (@DuneAnalytics). Just now, we have identified suspicious attempts to access the account. Our team is actively working to securt the account and mitigate any potential threats."

"For Your Safety: Please exercise caution and avoid engaging with any links or content shared through Dune's official Twitter account until we resolve this issue."

"A general reminder, Dune does not conduct any token sales or airdrop activities. Please be vigilant and cautious of any communications claiming otherwise, as these are not authorized by Dune."

"We will keep you updated as we learn more and will notify you when the account is secure again."

"This account was compromised for the last ~90 minutes.

A fake post about a Dune Airdrop was live for about 15 minutes.

Reminder that there is no Dune airdrop or token currently live or planned.

The Dune team now has control over the account again."

This is a global/international case not involving a specific country.

The background of the exchange platform, service, or individuals involved, as it would have been seen or understood at the time of the events.

Include:

  • Known history of when and how the service was started.
  • What problems does the company or service claim to solve?
  • What marketing materials were used by the firm or business?
  • Audits performed, and excerpts that may have been included.
  • Business registration documents shown (fake or legitimate).
  • How were people recruited to participate?
  • Public warnings and announcements prior to the event.

Don't Include:

  • Any wording which directly states or implies that the business is/was illegitimate, or that a vulnerability existed.
  • Anything that wasn't reasonably knowable at the time of the event.

There could be more than one section here. If the same platform is involved with multiple incidents, then it can be linked to a main article page.

The Reality

This sections is included if a case involved deception or information that was unknown at the time. Examples include:

  • When the service was actually started (if different than the "official story").
  • Who actually ran a service and their own personal history.
  • How the service was structured behind the scenes. (For example, there was no "trading bot".)
  • Details of what audits reported and how vulnerabilities were missed during auditing.

What Happened

The specific events of the loss and how it came about. What actually happened to cause the loss and some of the events leading up to it.

Key Event Timeline - Dune Analytics Twitter Phishing Attack
Date Event Description
July 14th, 2023 8:49:00 AM MDT Dune Analytics AirDump Dune Analytics announces "The Dune Airdump!!!" where "[a]nyone with their address connected to Dune can mint 1 of 1337 steaming hot turds".
July 14th, 2023 9:11:00 AM MDT AirDump Phishing Accusation Due is accused that their airdump project "seems phishing".
April 2nd, 2024 12:17:00 AM MDT Phishing Scams Increasing In an ironic twist, it's noted that the number of phishing attacks has increased 1900%.
April 29th, 2024 11:32:00 AM MDT Twitter Warning LegalPrimes Twitter user LegalPrimes warns that the "Dune Analytics account appears to be compromised".
April 29th, 2024 11:39:00 AM MDT Phishing Screenshot Captured A screenshot of the phishing attack is captured by the Altcoin News twitter account.
April 29th, 2024 11:53:00 AM MDT Warning On Twitter Dune publishes an update to users, and this is shared on Twitter.
April 29th, 2024 11:59:00 AM MDT Tweet By Dune Analytics Dune Analytics posts a tweet about
April 30th, 2024 10:47:00 PM MDT CoinEdition Article CoinEdition publishes an article and tweet about the phishing attack.

Technical Details

This section includes specific detailed technical analysis of any security breaches which happened. What specific software vulnerabilities contributed to the problem and how were they exploited?

Total Amount Lost

The total amount lost is unknown.

How much was lost and how was it calculated? If there are conflicting reports, which are accurate and where does the discrepancy lie?

Immediate Reactions

How did the various parties involved (firm, platform, management, and/or affected individual(s)) deal with the events? Were services shut down? Were announcements made? Were groups formed?

Ultimate Outcome

What was the end result? Was any investigation done? Were any individuals prosecuted? Was there a lawsuit? Was any tracing done?

Total Amount Recovered

There do not appear to have been any funds recovered in this case.

What funds were recovered? What funds were reimbursed for those affected users?

Ongoing Developments

What parts of this case are still remaining to be concluded?

Individual Prevention Policies

No specific policies for individual prevention have yet been identified in this case.

For the full list of how to protect your funds as an individual, check our Prevention Policies for Individuals guide.

Platform Prevention Policies

Policies for platforms to take to prevent this situation have not yet been selected in this case.

For the full list of how to protect your funds as a financial service, check our Prevention Policies for Platforms guide.

Regulatory Prevention Policies

No specific regulatory policies have yet been identified in this case.

For the full list of regulatory policies that can prevent loss, check our Prevention Policies for Regulators guide.

References

  1. SlowMist Hacked - SlowMist Zone (May 23, 2024)
  2. @DuneAnalytics Twitter (May 24, 2024)
  3. @GemStateStacker Twitter (May 24, 2024)
  4. @ElCryptoCoco Twitter (May 24, 2024)
  5. @LegalPrimes Twitter (May 24, 2024)
  6. @crypto__mak Twitter (May 24, 2024)
  7. @theblockupdates Twitter (May 24, 2024)
  8. @Altcoin_Alerts Twitter (May 24, 2024)
  9. https://dune.com/home (May 24, 2024)
Retrieved from "https://quadrigainitiative.com/cryptocurrencyhackscamfraudwiki/index.php?title=Dune_Analytics_Twitter_Phishing_Attack&oldid=5975"