GM Studios Discord Hacked savino910

From Quadriga Initiative Cryptocurrency Hacks, Scams, and Frauds Repository
Jump to navigation Jump to search

Notice: This page is a new case study and some aspects have not been fully researched. Some sections may be incomplete or reflect inaccuracies present in initial sources. Please check the References at the bottom for further information and perform your own additional assessment. Please feel free to contribute by adding any missing information or sources you come across. If you are new here, please read General Tutorial on Wikis or Anatomy of a Case Study for help getting started.

GM Studios

GM Studios is a web3 animation studio producing various NFTs, including a project called Random Ravers. savino910 invested in the TAOS NFT, and was excited about purchasing more NFTs in the future when he came across an exciting announcement in the Discord channel for a free mint. After giving the website full access to his wallet, he was surprised to find all of his NFTs taken. In the end, it appears that GM Studios reimbursed half of the loss. There is no evidence that any other recovery as possible or that further investigation happened.

About Savino9.Eth

Savino9.eth is a Twitter user since June 2018 from Amsterdam[1]. He is a web developer with a strong interest in web development, proposing a fix for a problem on the OpenSea website[2] and completing an NFT web development course[3].

Savino9.eth has a strong interest in NFTs. He really wanted a Taos NFT, and got one for himself[4][5].

Some random facts about Savino9.eth:

  • He thinks it looks awesome to replace the S in his name with a thunder emoji[6].
  • He is old enough to remember having VCRs in classrooms[7].
  • He is critical that attractive girls gain followings easily[8].
  • His scientist is a red zombie pirate[9].
  • He once provided the Ethereum address 0xF30aa55510bf38026fA08aA4656309dfa5bf7f65 when participating in a giveaway[10].

About GM Studios

Homepage: [11]

Twitter description: [12]

LinkedIn profile: [13]

Contact: [14]

GM Studios is "a web3 Animation Studio developing next-gen brands and blockchain solutions for the Metaverse. We deliver the perfect blend between creative design, art and technology." They "creat[e] experiences through storytelling, technology and community. [They] are here to create, build and shape the Metaverse one GM at a time." Some of their projecs include "Metaverse Music Festival · M.U.G.S. (made under great stress) · Random Ravers · UNTZ King · ROLAND Lifestyle · The Raverse · Pride at Decentraland."

Twitter user savino910 is an experienced web developer who grew up with VCRs in the classroom. His "scientist is a red zombie pirate" and he "love[s] Twitter because [he] can put a thunder emoji to replace the "S" on [his] name and [it] looks pretty awesome!" After his "first free mint" on April 11th, for the "[f]irst time in [his] life [winning] a giveaway in [a] discord server" on April 29th, and an unsuccessful bid on May 2nd, on May 9th, 2022, he finally "got [him]self a gift called TAOS. If you know, you know it. :)". He was "soo bullish on @RENGA_inc[ he'd] probably buy another one[!]"

On "[S]unday", May 22nd, 2022, an exciting announcement came "from an admin of [the] official Discord of [the Random Ravers] project."

"Hello GM. The time has finally come! Introducing the GM's Gold Pass. We will be releasing 100 copies of our gold passes listed below, including being entered into our Bored Ape Giveaway. (BAYC #9994)"

"GM Gold Pass Utilities: Entered into our Bored Ape giveaway (Only Gold pass holders can enter). Free Monthly Airdrops. Whitelist for future GM mints. You can mint the GM Gold Pass here for free. (This is the only official link. Don't click any others in DMs or elsewhere.)"




TBD add The background of the exchange platform, service, or individuals involved, as it would have been seen or understood at the time of the events.

Include:

  • Known history of when and how the service was started.
  • What problems does the company or service claim to solve?
  • What marketing materials were used by the firm or business?
  • Audits performed, and excerpts that may have been included.
  • Business registration documents shown (fake or legitimate).
  • How were people recruited to participate?
  • Public warnings and announcements prior to the event.

Don't Include:

  • Any wording which directly states or implies that the business is/was illegitimate, or that a vulnerability existed.
  • Anything that wasn't reasonably knowable at the time of the event.

There could be more than one section here. If the same platform is involved with multiple incidents, then it can be linked to a main article page.

The Reality

But alas, it was all a lie.

This sections is included if a case involved deception or information that was unknown at the time. Examples include:

  • When the service was actually started (if different than the "official story").
  • Who actually ran a service and their own personal history.
  • How the service was structured behind the scenes. (For example, there was no "trading bot".)
  • Details of what audits reported and how vulnerabilities were missed during auditing.

What Happened

The specific events of the loss and how it came about. What actually happened to cause the loss and some of the events leading up to it.

Key Event Timeline - GM Studios Discord Hacked savino910
Date Event Description
April 11th, 2022 6:56:00 AM MDT Savino Completed First Free Mint savino9.eth completes his first free mint of a boohooverse Access Card[15].
April 29th, 2022 1:29:00 AM MDT Savino Wins Discord NFT Giveaway "First time in my life I won a giveaway in our discord server"[16].
May 20th, 2022 4:16:00 AM MDT Bullish Sentiments savino9.eth posts his optimistic "bullish" sentiments on Twitter for the Renga project[17].
May 22nd, 2022 4:01:00 AM MDT First Tweet About Loss savino9.eth first posts to Twitter about what happened, warning others about the hacked Discord[18]. TBD explore reactions.
May 22nd, 2022 4:28:00 AM MDT Scammer Claiming To Be Support A scam account on Twitter claims to be GM Studios support in direct response to the incident[19].
May 22nd, 2022 4:43:00 AM MDT Drama of The Day savino9.eth shares a screenshot of the Discord channel with the compromised post and a claim that 50 ETH has been stolen including his Taos[20].
May 22nd, 2022 5:29:00 AM MDT Screenshot Shared savino9.eth shares another screenshot of the Discord channel with the scam still prominently displayed[21].
May 22nd, 2022 8:05:00 AM MDT GM Studios Acknowledges Attack GM Studios publishes a tweet to acknowledge the attack, requests users to DM them, and promises that they will "solve this"[22][23].
May 22nd, 2022 8:40:00 AM MDT Posting About Situation savino9.eth posts about his "very exp[e]nsive mistake"[24].
May 22nd, 2022 10:20:00 AM MDT Request For Help savino9.eth reaches out to the GM Studios team to report his "Renga" NFT as stolen[25][23].
May 23rd, 2022 1:34:00 AM MDT In Contact With GM Studios savino9.eth reports that he's in contact with GM Studios, but doesn't have anything further to report[26].
May 23rd, 2022 5:03:00 AM MDT Reports About Repeated Scamming savino9.eth reports that even after the first scam, he has repeatedly experienced attempts from other scammers to scam him further[27].
May 24th, 2022 2:33:00 AM MDT Reports GM Studios are Taking Responsibility savino9.eth reports that he had an AMA with the GM Studios team the previous day and they are willing to cover 50% of the loss[28].
May 24th, 2022 11:09:00 AM MDT Attempt To Reach bsellop savino9.eth posts on Twitter asking for help to reach bsellop, who currently owns his Taos NFT[29][30]. TBD explore more.
May 25th, 2022 3:15:00 AM MDT Mentioned Again in Tweet savino9.eth posts again on Twitter about the situation[31].
May 25th, 2022 3:39:00 AM MDT Asking About Tracking Down Scammer savino9.eth asks about how to track down the scammer[32].

Total Amount Lost

The total amount lost has been estimated at $104,000 USD.

[33]

How much was lost and how was it calculated? If there are conflicting reports, which are accurate and where does the discrepancy lie?

Immediate Reactions

How did the various parties involved (firm, platform, management, and/or affected individual(s)) deal with the events? Were services shut down? Were announcements made? Were groups formed?


"Official Discord of @gmstudiosgg has been hacked! I lost my TAOS because of the fraudulent website somebody posted on their channel! Be aware guys!"

"I made a very expansive mistake today. I totally trusted someone/something without checking. This is [a] very big mistake that costed me the most expansive NFT that I bought so far." He "lost 1.108 eth[ereum] because of [approving his wallet on the] scam website posted from an admin of [the] official Discord of [the Random Ravers] project."

"Bro here the DRAMA OF THE DAY!! GM Studios discord has been hacked and 1 [scammer] stole 50ETH!! I personally lost my TAOS in this because they used the admin account to point to a fake mint website. Can you help in anyways? This deserve a lesson.."

He followed up to report the theft on OpenSea.

"Guys if anyone knows who could be this guy here. He has my TAOS I'd like to talk to him for an agreement. YOU CAN ALL SEE THAT THIS ITEM HE OWN IS BLOCKED AND REPORTED FOR SUSPICIOUS ACTIVITY. YES, THAT'S BECAUSE IT'S MINE AND GOT STOLEN." "It's reported and blocked because it was stolen from me! Help me to get in touch with him."

Random community Twitterers like @EmilyRo72507991 stepped forward to "assist" and "support". "Hello this is GM Studios [s]upport. Do you require any assistance? [K]indly do well to direct message us to help to resolve your issue. Direct-message us now. Thank you."

"Hello this is GM Studios [s]upport. Do you require any assistance? [K]indly do well to direct message us to help to resolve your issue. Direct-message us now. Thank you."

"And look all those messages of people saying that you can message another scam on [Instagram] or whatever[. I]t's really sad." "What really concern[s] me is that even if something bad happened like loosing something valuable, that doesn't stop other [scammers from] try[ing] to scam you AGAIN!!"


The GM Studios team acknowledged the attack and promised their community that they would "solve" it[22].

SCAM ALERT - Our Discord was hacked. If your wallet was compromised, DM us on twitter and we will solve this.


Finally, 4 hours after the incident, the GM Studios team made an announcement.

"Our Discord was hacked. If your wallet was compromised, [direct message] us on [T]witter and we will solve this."

Ultimate Outcome

What was the end result? Was any investigation done? Were any individuals prosecuted? Was there a lawsuit? Was any tracing done?


savino910 "sent [them] a [direct message] please help! My Renga NFT got stolen!" He reported the next day being "in contact with @gmstudiosgg[. H]opefully they will help." It appears he was ultimately able to recover half the lost value from their team.

"G[ood ]m[orning] guys! News from the stolen NFT situation: I had an ["ask me anything"] yesterday with the team of @gmstudiosgg[. T]hey're taking responsibilities and willing to pay back 50% of the stolen assets. Hoping that we can move on from this bad situation and learn something. Thanks guys for your support."

With everything sorted out, all record of the incident are now scrubbed from GM Studios' Twitter.

Total Amount Recovered

The total amount recovered has been estimated at $52,000 USD.

What funds were recovered? What funds were reimbursed for those affected users?

Ongoing Developments

What parts of this case are still remaining to be concluded?

Individual Prevention Policies

Always be extremely careful about which permissions are given up in every interaction. Store the majority of assets fully offline when not being used. Check any giveaways against multiple sources. No legitimate platform will make an announcement in only one location.

Every approval on Web3 is an opportunity to lose all of the funds present in your wallet. Take the time to review the transaction in full. Fully check over the balance, permissions, and entire address which you are interacting with. Do not trust that your clipboard or any website front-end is guaranteed to provide an accurate address or transaction status. Always perform a test transaction prior to the first high-value transaction in any session.

Any time that you are promised any profit or benefit in exchange for an initial payment, smart contract approval, or deposit, pay special care as to whether the entity making that offer is trustworthy, actually who they say they are, and has the means to fulfill what they're promising. There are no magic algorithms providing guaranteed returns from trading or mining. Trading on average will lose money. Mining is expensive and complex. No one is going to immediately send back more than you sent them. NFT projects will rarely announce a surprise mint in only a single location. Are you fully prepared for the event your money is kept and nothing is delivered in return?

Store the majority of funds offline. By offline, it means that the private key and/or seed phrase is exclusively held by you and not connected to any networked device. Examples of offline storage include paper wallets (seed phrase or key written down and deleted from all electronic media), hardware wallets, steel wallet devices, etc...

Any time untrusted software is being run is an opportunity for abuse. It is recommended to always interact with cryptocurrency in a fully controlled environment, which is an environment where you have understanding of every piece of software running there. Using a hardware wallet, spare computer with all software wiped, and/or virtual machine with only the needed software greatly reduces your attack surface. Take the time to verify downloaded files come from the correct and expected source and match available hashes if provided. Any time you encounter a new file, always check if it can contain executable code prior to using it.

For the full list of how to protect your funds as an individual, check our Prevention Policies for Individuals guide.

Platform Prevention Policies

Never take for granted the limited knowledge of users of your service and their tendency to skip past provided information. It is recommended to design a simple tutorial and quiz for new users which explains the basics of seed phrases, strong password generation, secure two-factor authentication, common fraud schemes, how ponzi schemes work, as well as other risks which are unique to the cryptocurrency space. This tutorial and quiz should ensure their understanding and be a standard part of the sign-up or download process which is difficult or impossible to skip.

Work with other industry platforms to set up a multi-signature wallet with private keys held separately by delegate signatories from seven prominent platforms and services within the industry. Establish requirements for contributions by all platforms and services, designed to be affordable for small platforms yet large enough to cover anticipated breach events. Any breach event can be brought forth by a member platform or a petition of 100 signatures for consideration by the delegate signatories. A vote of 4 or more delegate signatures is required to release any funds, which could partially or fully restore lost funds based on their assessment.

For the full list of how to protect your funds as a financial service, check our Prevention Policies for Platforms guide.

Regulatory Prevention Policies

Create a standard tutorial and quiz for all new cryptocurrency participants, which is required to be completed once per participant. This tutorial and quiz should cover the basics of proper seed phrase protection, strong password generation, secure two-factor authentication, common fraud schemes, how to detect and guard against phishing attacks, how ponzi schemes work, as well as other risks which are unique to the cryptocurrency space.

Set up a multi-signature wallet with private keys held separately by delegate signatories from seven prominent platforms and services within the industry. Establish requirements for contributions by all platforms and services within the country, designed to be affordable for small platforms yet large enough to cover anticipated breach events. Any breach event can be brought forth by a member platform or a petition of 100 signatures for consideration by the delegate signatories. A vote of 4 or more delegate signatures is required to release any funds, which could partially or fully restore lost funds based on their assessment.

For the full list of regulatory policies that can prevent loss, check our Prevention Policies for Regulators guide.

References

  1. savino910 Profile - Twitter (Jun 12, 2023)
  2. savino910 - "You have a problem with the sticky position of one of your element. I can fix it for you for a free NFT haha. I've made a screen-record of how I fixed (of course locally using dev-tools) and how I expect to see this." - Twitter (Jan 8, 2023)
  3. savino910 - "Only 4 sections before I complete the NFT web development course!! So excited! I've learned a lot of new stuff!!" - Twitter (Jan 8, 2023)
  4. savino910 - "I really want a taos NFT I can offer .5 eth! Anyone?" - Twitter (Jan 8, 2023)
  5. savino910 - "Gm!! Soo yesterday I've got myself a gift called TAOS. If you know, you know it. :)" - Twitter (Jan 8, 2023)
  6. savino910 - "I can put a thunder emoji to replace the "S" on my name and looks pretty awesome! haha" - Twitter (Jan 8, 2023)
  7. savino910 - "Yes" (Old enough to remember VCRs) - Twitter (Jan 8, 2023)
  8. savino910 - "Gm guys! So only if you are a good looking girl you can tweet dumb [stuff] like: remember to drink water >>> and get thousands of like and retweet." - Twitter (Jan 8, 2023)
  9. savino910 - "My scientist is a red zombie pirate" - Twitter (Jan 8, 2023)
  10. savino910 - "0xF30aa55510bf38026fA08aA4656309dfa5bf7f65" - Twitter (Jan 8, 2023)
  11. GM Studios (Jan 7, 2023)
  12. gmstudiosgg - "We are a web3 animation studio building the Metaverse one mint at a time" - Twitter (Jan 7, 2023)
  13. https://www.linkedin.com/company/gmstudios (Jan 7, 2023)
  14. Contact — GM Studios (Jan 7, 2023)
  15. savino910 - "My first free mint. Not too bad :)" - Twitter (Jan 8, 2023)
  16. savino910 - "First time in my life I won a giveaway in our discord server" - Twitter (Jan 8, 2023)
  17. savino910 - "I'm soo bullish on @RENGA_inc I'll probably buy another one" - Twitter (Jan 7, 2023)
  18. savino910 - "Official Discord of @gmstudiosgg has been hacked! I lost my TAOS because of the fraudulent website somebody posted on their channel!" - Twitter (Jan 7, 2023)
  19. EmilyRo72507991 - "Hello this is GM Studios [s]upport. Do you require any assistance? kindly do well to direct message us" - Twitter (Jan 7, 2023)
  20. savino910 - "Bro here the DRAMA OF THE DAY!! GM Studios discord has been hacked and 1 [scammer] stole 50ETH!! I personally lost my TAOS" - Twitter (Jan 7, 2023)
  21. savino910 Sharing a Screenshot of the Malicious Link - Twitter (Jan 7, 2023)
  22. 22.0 22.1 gmstudiosgg - "Our Discord was hacked. If your wallet was compromised, DM us on twitter and we will solve this." - Twitter Archive May 22nd, 2022 8:07:09 AM MDT (Jan 7, 2023)
  23. 23.0 23.1 savino910 - "Hi I just sent you a DM please help! My Renga NFT got stolen!" - Twitter Archive May 22nd, 2022 10:21:13 AM MDT (Jan 7, 2023)
  24. savino910 - "I made a very expansive mistake today. I totally trusted someone/something without checking." - Twitter (Jan 7, 2023)
  25. savino910 - "Hi I just sent you a DM please help! My Renga NFT got stolen!" - Twitter (Jan 7, 2023)
  26. savino910 - "Gm guys I don't have news regarding the stolen NFT of yesterday. I can only tell you that I'm in contact with @gmstudiosgg" - Twitter (Jan 7, 2023)
  27. savino910 - "What really concern me is that even if something bad happened like loosing something valuable, that doesn't stop other ... scammer to try to scam you AGAIN!!" - Twitter (Jan 7, 2023)
  28. savino910 - "I had an ama yesterday with the team of @gmstudiosgg they're taking responsibilities and willing to pay back 50% of the stolen assets." - Twitter (Jan 7, 2023)
  29. savino910 - "Guys if anyone knows who could be this guy here https://opensea.io/bsellop He has my TAOS I'd like to talk to him for an agreement." - Twitter (Jan 7, 2023)
  30. bsellop User Account - OpenSea (Jan 7, 2023)
  31. savino910 - "last sunday I lost 1.108 eth because of a scam website posted from an admin of official Discord of a project" - Twitter (Aug 23, 2022)
  32. savino910 - "How could you track down? I could probably do the same?" - Twitter (Jan 6, 2023)
  33. Ethereum Historic Price Data - CoinMarketCap (Dec 21, 2021)
Retrieved from "https://quadrigainitiative.com/cryptocurrencyhackscamfraudwiki/index.php?title=GM_Studios_Discord_Hacked_savino910&oldid=4561"