IO.net Official Discord Phishing Airdrop

From Quadriga Initiative Cryptocurrency Hacks, Scams, and Frauds Repository
Jump to navigation Jump to search

Notice: This page is a freshly imported case study from an original repository. While the original content had a similar format, some sections may not have been fully completed. Please help fill in any empty sections or any missing information you can find. If you are new here, please read General Tutorial on Wikis or Anatomy of a Case Study for help getting started.

Notice: This page contains sources which are not attributed to any text. The unattributed sources follow the initial description. Please assist by visiting each source, reviewing the content, and placing that reference next to any text it can be used to support. Feel free to add any information that you come across which isn't present already. Sources which don't contain any relevant information can be removed. Broken links can be replaced with versions from the Internet Archive. See General Tutorial on Wikis, Anatomy of a Case Study, and/or Citing Your Sources Guide for additional information. Thanks for your help!

IO.net Logo/Homepage

IO.net allows for the purchase of cheap GPU processing, and those with GPUs can sell their processing power on the open market using a Solana-based token. On August 28th, the IO.net Discord server was compromised and began posting a phishing link. Community members nearly immediately starting warning one another via Twitter, and the situation appears to have been resolved in 65 minutes. There were no reports found of users having lost funds in this case.[1][2][3][4][5][6][7][8][9][10][11][12][13][14][15][16][17][18][19][20][21][22][23][24][25][26][27][28][29][30][31][32][33][34][35][36][37][38][39][40][41][42][43][44]

About IO.net

"The Internet of GPUs is Finally Here" "The Power of Global GPU Resources with a Single Click"

"The IO Cloud allows you to deploy and manage on-demand decentralized GPU Clusters. This provides users with access to GPU resources without expensive hardware investments and infrastructure management. IO Cloud democratizes access to GPUs by providing ML Engineers & Developers the same experience as any cloud provider.

IO Cloud leverages distributed resources from a decentralized network of nodes called IO workers. Clusters provide the building blocks of IO Cloud and are fully meshed self-healing GPUs. With IO Cloud, you can leverage a decentralized network of GPUs/CPUs capable of executing Python-based ML code for your AI projects. This platform is Natively powered on the RAY distributed computing python framework used by OpenAI to train GPT3 and GP4 across 300K servers."

"IO Worker is like having a virtual rental manager for your device! It's a simple web app that lets you lend your computing power to those tackling AI tasks, making it easier for everyone to access the resources they need.

Thanks to our decentralized setup and smart resource management, you can earn more by renting out your GPU/CPU than you would with traditional cloud services. It's a win-win situation where you support others while boosting your own earnings.

With IO.NET, you're not just renting out hardware; you're part of a community that values collaboration and efficiency. Whether you're a business looking to optimize resources or an individual keen on making extra profits, IO.NET has got you covered!"

"Hello $IO Nation! We're happy to let everyone know we're feeling generous and doing a block reward tonight. Anyone is able to claim but as usual this will be for a limited time."

The Reality

This sections is included if a case involved deception or information that was unknown at the time. Examples include:

  • When the service was actually started (if different than the "official story").
  • Who actually ran a service and their own personal history.
  • How the service was structured behind the scenes. (For example, there was no "trading bot".)
  • Details of what audits reported and how vulnerabilities were missed during auditing.

What Happened

The specific events of the loss and how it came about. What actually happened to cause the loss and some of the events leading up to it.

Key Event Timeline - IO.net Official Discord Phishing Airdrop
Date Event Description
August 28th, 2024 10:45:00 PM MDT Estimated Time Of Breach Based on the screenshot captured by woleswoosh, this is the most likely time of the breach itself.
August 28th, 2024 10:51:00 PM MDT woleswoosh Tweet woleswoosh shares a screenshot of the hacked Discord account.
August 28th, 2024 10:56:00 PM MDT Translation To Thai A warning in Thai: "It seems that @ionet's Discord is currently being messed with. Please don't click anything for now."
August 28th, 2024 11:08:00 PM MDT MicroSound_t Tweet MicroSound_ shares a screenshot of the hacked Discord account.
August 28th, 2024 11:11:00 PM MDT fekuuuu Tweeting Twitter user fekuuuu notes that the Discord is breached and shares a screenshot of the breached Discord including a fake airdrop promotion.
August 28th, 2024 11:13:00 PM MDT Ahmad Shadid Tweet Notice "Ahmad Shadid, former CEO of the decentralized GPU network io.net, posted on X that the official io.net Discord has been hacked. He has informed the IO team and advised not to click on any shared links."
August 28th, 2024 11:50:00 PM MDT Issue Resolved Notice Ahmad reports that the issue was resolved, however the chat channels were all deleted and he expects that the team will take some time to recreate them all. They also believe that the hacker is the same one who hacked a project called Humanity Protocol.
August 29th, 2024 12:03:00 AM MDT Moderator Compromise Reported According to this tweet update, the breach happened due to a moderator's account being compromised.
August 29th, 2024 3:25:49 AM MDT Archive Capture The Internet Archive captures the site, however this capture is apparently inaccessible.
August 29th, 2024 5:47:16 AM MDT Archive Capture The Internet Archive captures the site, however this capture is apparently inaccessible.

Technical Details

This section includes specific detailed technical analysis of any security breaches which happened. What specific software vulnerabilities contributed to the problem and how were they exploited?

Total Amount Lost

The total amount lost is unknown.

How much was lost and how was it calculated? If there are conflicting reports, which are accurate and where does the discrepancy lie?

Immediate Reactions

"@ionet discord is hacked now, channels to communicate deleted do not go for this link from announcements!"

"One of our moderator's account has been compromised. To protect everyone, we've temporarily muted the channels. We're actively working to resolve the issue and will re-open the channels shortly. Thank you for your understanding and patience."

"Ahmad Shadid, former CEO of the decentralized GPU network io.net, posted on X that the official io.net Discord has been hacked. He has informed the IO team and advised not to click on any shared links."

"I was informed the Issue is resolved but the chat channels were all deleted so it will probably take time for the team to recreate them. I’ve heard the hacker was identified and he is the same who hacked @Humanityprot discord, identity to be confirmed yet."

Ultimate Outcome

What was the end result? Was any investigation done? Were any individuals prosecuted? Was there a lawsuit? Was any tracing done?

Total Amount Recovered

There do not appear to have been any funds recovered in this case.

What funds were recovered? What funds were reimbursed for those affected users?

Ongoing Developments

What parts of this case are still remaining to be concluded?

Individual Prevention Policies

No specific policies for individual prevention have yet been identified in this case.

For the full list of how to protect your funds as an individual, check our Prevention Policies for Individuals guide.

Platform Prevention Policies

Policies for platforms to take to prevent this situation have not yet been selected in this case.

For the full list of how to protect your funds as a financial service, check our Prevention Policies for Platforms guide.

Regulatory Prevention Policies

No specific regulatory policies have yet been identified in this case.

For the full list of regulatory policies that can prevent loss, check our Prevention Policies for Regulators guide.

References

  1. SlowMist Hacked - SlowMist Zone (Accessed Sep 20, 2024)
  2. @shadid_io Twitter (Accessed Sep 24, 2024)
  3. @shadid_io Twitter (Accessed Sep 24, 2024)
  4. Wayback Machine (Accessed Sep 24, 2024)
  5. https://ionet-web.com/ (Accessed Sep 24, 2024)
  6. $IO price today, IO to USD live price, marketcap and chart | CoinMarketCap (Accessed May 17, 2024)
  7. io.net (Accessed May 17, 2024)
  8. docs.io.net v2 (Accessed May 17, 2024)
  9. Get Started - IO Cloud (Accessed May 17, 2024)
  10. Get Started - IO Worker (Accessed May 17, 2024)
  11. Why ionet is Important?. What is ionet | by Tharkunas | Mar, 2024 | Medium (Accessed May 17, 2024)
  12. @ionet Twitter (Accessed Sep 24, 2024)
  13. @woleswoosh Twitter (Accessed Sep 24, 2024)
  14. @MicroSound_ Twitter (Accessed Sep 24, 2024)
  15. @0xkh1n Twitter (Accessed Sep 24, 2024)
  16. @AstroG1089 Twitter (Accessed Sep 24, 2024)
  17. @Harshku3813 Twitter (Accessed Sep 24, 2024)
  18. @Str_DegenJ Twitter (Accessed Sep 24, 2024)
  19. @simo___001 Twitter (Accessed Sep 24, 2024)
  20. @Bauzz_ Twitter (Accessed Sep 24, 2024)
  21. @Bugyman531 Twitter (Accessed Sep 24, 2024)
  22. @pandaly520 Twitter (Accessed Sep 24, 2024)
  23. @bats4 Twitter (Accessed Sep 24, 2024)
  24. @De_FiSecurity Twitter (Accessed Sep 24, 2024)
  25. @TigresaPolishCm Twitter (Accessed Sep 24, 2024)
  26. @ericspo29 Twitter (Accessed Sep 24, 2024)
  27. @grayfoxdefi Twitter (Accessed Sep 24, 2024)
  28. @ate_bites Twitter (Accessed Sep 24, 2024)
  29. @Local_sec Twitter (Accessed Sep 24, 2024)
  30. @binenetxyz Twitter (Accessed Sep 24, 2024)
  31. @GoPlusZH Twitter (Accessed Sep 24, 2024)
  32. @CoinEdition Twitter (Accessed Sep 24, 2024)
  33. @ArakumaIOnet Twitter (Accessed Sep 24, 2024)
  34. @gear7cz Twitter (Accessed Sep 24, 2024)
  35. @ArakumaIOnet Twitter (Accessed Sep 24, 2024)
  36. @minerfredz Twitter (Accessed Sep 24, 2024)
  37. @cyy7025219 Twitter (Accessed Sep 24, 2024)
  38. @0xmashi Twitter (Accessed Sep 24, 2024)
  39. @The_NewsCrypto Twitter (Accessed Sep 24, 2024)
  40. @CyversAlerts Twitter (Accessed Sep 24, 2024)
  41. @PeckShieldAlert Twitter (Accessed Sep 24, 2024)
  42. @CertiKAlert Twitter (Accessed Sep 24, 2024)
  43. @web3_watchdog Twitter (Accessed Sep 24, 2024)
  44. @GoPlusSecWareX Twitter (Accessed Sep 24, 2024)
Retrieved from "https://quadrigainitiative.com/cryptocurrencyhackscamfraudwiki/index.php?title=IO.net_Official_Discord_Phishing_Airdrop&oldid=6143"