Kaiju Kingz Discord Hacked

From Quadriga Initiative Cryptocurrency Hacks, Scams, and Frauds Repository
Jump to navigation Jump to search

Notice: This page is a new case study and some aspects have not been fully researched. Some sections may be incomplete or reflect inaccuracies present in initial sources. Please check the References at the bottom for further information and perform your own additional assessment. Please feel free to contribute by adding any missing information or sources you come across. If you are new here, please read General Tutorial on Wikis or Anatomy of a Case Study for help getting started.

Notice: This page contains sources which are not attributed to any text. The unattributed sources follow the initial description. Please assist by visiting each source, reviewing the content, and placing that reference next to any text it can be used to support. Feel free to add any information that you come across which isn't present already. Sources which don't contain any relevant information can be removed. Broken links can be replaced with versions from the Internet Archive. See General Tutorial on Wikis, Anatomy of a Case Study, and/or Citing Your Sources Guide for additional information. Thanks for your help!

Kaiju Kingz

The Kaiju Kings are a collection of thousands of pixel beast NFTs, which are rare collectibles that provide access to a specialized metaverse or the ability to mint other NFTs and tokens. On October 30th, 2021, their Discord was hacked through one of the team members who was anonymous named Kekwin. It is unclear whether it was a breach of malicious act from Kekwin, who was the only team member who remained anonymous. Over $70k worth of Ethereum was taken and the team has offered to refund members.

This is a global/international case not involving a specific country.[1][2][3][4][5][6][7][8][9][10][11][12][13][14][15][16][17][18][19][20][21][22][23][24][25][26]

About Kaiju Kingz

KaijuKingz is a collection of pixelated beasts in the form of NFTs that aims to expand the Metaverse and support talented creatives and developers in the NFT space[27]. Kaiju Kingz is a collection of 3,333 Genesis pixel beasts created by Augminted Labs on the Ethereum blockchain[28][5]. The team behind KaijuKingz is affiliated with Augminted Labs, with most members being doxxed (their identities revealed)[5]. The project draws inspiration from Japanese and cyberpunk culture, featuring pixel art and text styles reminiscent of games like Street Fighter[5]. OhDots, a community member in the CyberKongz community reportedly founded Augminted Labs and launched the collection for minting on October 12th, 2021 to safeguard the metaverse[29].

"Behold the KaijuKingz; larger than life pixel beasts tearing down a city near you. Our creed is to expand the Metaverse by supporting talented creatives and developers looking to break into NFTs. $RWASTE radiates in the core of our community, passively generated by Genesis Kaijuz as fuel for out Kaijuz. Demolish the old to make way for a new kind of community - a community of Kingz."

The community is fueled by $RWASTE (radioactive waste), which is passively generated by Genesis Kaijuz[27]. Genesis Kaijuz grant holders voting access in the KaijuKingz DAO and passively generate five $RWASTE per day[28]. $RWASTE can be used for naming Kaijuz, creating Baby Kaijuz through DNA fusion, and writing lore for them[28]. The collection starts with 3,333 Genesis Kaijuz, each granting special perks to their holders[27]. Genesis Kaijuz generate $RWASTE and can be used for various purposes within the project, such as naming Kaijuz or creating Baby Kaijuz through DNA fusion[27].

Baby Kaijuz, created by mutating the DNA of Genesis Kaijuz, have their own unique traits and aesthetics[27]. The project emphasizes fostering competition and collaboration between Web3 communities and aims to mentor and onboard talent, providing funding for living expenses, equipment, and classes for developers and creatives[27]. The KaijuKingz community plans to form a DAO to make decisions about the project's direction, ecosystem expansion, and talent development[27]. Grants and scholarships will be issued from the community vault to support aspiring creators[27]. The DAO structure allows for decentralized decision-making, with voting power given to KaijuKing holders[27].

Kaijuz are represented as 69x69 pixel squares with various traits, types, and aesthetics[28]. Future plans include the transition of KaijuKingz into 3D voxelized versions for metaverse traversal, utilizing the community vault for talent grants, and exploring new utilities for $RWASTE[27]. The project's success relies on the involvement and ideas of its holders, and the team consists of individuals with expertise in development, art, and community management[27].

The community is focused on fostering growth and serving as a platform for individuals to learn, create, and succeed in the web3 space[29]. By joining the Kingz, one can establish a lasting legacy[29]. Joining the KaijuKingz community is promoted as a means of contributing to the development of Web3 and the NFT ecosystem while potentially benefiting from scholarships and grants[27]. The project aims to create a supportive environment where Kingz help each other succeed[27].

KaijuKingz has made significant progress since its minting in October 2021, collaborating with established projects and notable influencers[5]. The project has collaborated with various established projects, such as PXN, Memeland by 9GAG, RaidParty, Possessed, and much more[5]. They frequently give away whitelist spots for other projects in their discord. Kaiju has also had notable influencers invested into the project, such as Takoa, Banks, Champ T, Coco Bear, Zeneca, and 9gagceo[5].

The collection will also include 6,666 Baby Kaijuz in the Community of Kingz that accompany the Genesis Kaiju[28][29]. The tokenomics of the project include various types of Kaiju NFTs with different functionalities and benefits. The collection has held its floor price well despite the volatile NFT market, indicating community strength and a preference for holding rather than quick flipping[5]. The holder distribution is favorable, with over 50% held by unique holders, reducing the risk of sudden price dumps[5]. Most holders show a mid to long-term investment horizon, which is considered positive in the fast-paced NFT space[5]. The number of listings remains relatively low, indicating a scarcity factor[5]. Overall, the project shows promising signs, but a comprehensive analysis would require further investigation[5].

Identity Status Of The Team

The team behind KaijuKingz is affiliated with Augminted Labs, with most members being doxxed (their identities revealed), however one member Kekwin was not known[5].

"At first glance, this seems like an anon team behind Kaiju profile pictures. But if we dig slightly deeper, we see that Kaiju is run by Augminted Labs. Augminted Labs’ team is the same guys we see here. If we visit Augminted’s website, we can see that the lead developer, artist, community manager, and developer are all doxxed. This only leaves Kekwin (another developer) to be undoxxed. Bullish sign for us, as majority of the team is accessible and we know who they are."

While the team doesn't have a substantial track record, their professionalism and transparency, as evidenced by being doxxed, are considered positive signs[5].

Special Minting Announcement

"Hey @Kingz, due to the success of KaijuKingz and how fast our official launch sold out, we have one more thing to give Kingz. SO WE ARE LETTING EVERYONE MINT 1000 KAIJUS FOR ONLY 0.15 ETH. BUY NOW! THEY WILL SELL OUT VERY QUICKLY! THANK YOU."

The Reality

"As we’ve seen lately, the attackers posted a link to a fake minting page."

This sections is included if a case involved deception or information that was unknown at the time. Examples include:

  • When the service was actually started (if different than the "official story").
  • Who actually ran a service and their own personal history.
  • How the service was structured behind the scenes. (For example, there was no "trading bot".)
  • Details of what audits reported and how vulnerabilities were missed during auditing.

What Happened

The specific events of the loss and how it came about. What actually happened to cause the loss and some of the events leading up to it.

Key Event Timeline - Kaiju Kingz Discord Hacked
Date Event Description
October 30th, 2021 6:08:00 PM MDT Main Event Expand this into a brief description of what happened and the impact. If multiple lines are necessary, add them here.

Technical Details

This section includes specific detailed technical analysis of any security breaches which happened. What specific software vulnerabilities contributed to the problem and how were they exploited?

"Approx 32 ETH stolen from users before mods locked down the server."

"@KaijuKingz Discord got hacked by the same group allegedly led by Hazema E. Do not mint the fake .ORG site. Do not mint AT ALL 70K USD already stolen. Guess Roblox being down left the scammers bored." "One green flag is that Kaiju has overcome their bumps, such as the discord hack."

Total Amount Lost

The total amount lost has been estimated at $70,000 USD.

"Approx 32 ETH stolen from users before mods locked down the server."

How much was lost and how was it calculated? If there are conflicting reports, which are accurate and where does the discrepancy lie?

Immediate Reactions

Report of Kekwin Compromise

"A team member's Discord has been compromised. We don't have any private or extended sales going on right now. Do not click any links DM'd to you by Kekwin or his bot in announcements. Our twitter account is fine and Discord has been cleaned. More info to come soon. Stay safe."

"Kekwin was swiftly banned from our server and the webhook was removed. Our old Discord URL of KaijuKingz was taken from us. Do not use KaijuKingz discord invite. Out new discord URL is 'kaiju-kingz' and has been updated on our OpenSea and Website and other socials. Our Twitter is completely safe as Kekwin had no access to it. We've removed Kekwin's access to our site and have pushed a new update to it that will replace our Discord link."


"Hello @everyone - please read this and be on alert for this new scam, in this Discord and in every other one you're involved in. Some major Discord servesrs have been hit with this scam (I believe TopShot just got targeted) - you can never be too careful. Remember - be hyper vigilant."

"It appears as though scammers are exploiting lax controls around Discord integrations to gain access to the bot / Discord server."

"Be wary of announcements that are posted by bots! Verify that the community founders or admins are posting, especially when it comes to minting. Be especially careful of announcements to the effect of 'Stealth mint!' especially when the project did not previously plan to launch a stealth mint. Independently verify any links that are posted. Navigate to the website in your own browser where possible. Be suspicious. If something doesn't seem right, or if an announcement seems to be a sudden change in direction, be suspicious. If the project is still building up its community and a whitelist is open, they're probably not suddenly switching to a stealth launch."


Ultimate Outcome

The Kaiju Kingz team was reportedly able to ultimately secure their Discord server.

What was the end result? Was any investigation done? Were any individuals prosecuted? Was there a lawsuit? Was any tracing done?


"Out Discord is now secure[.] We will be monitoring over the next couple of days to see if more actions are needed. For now we will have fewer channels and slowly re-add when we are certain that we are no longer being targeted."

"Our Discord is confirmed to be secured, we've issued refunds to any accounts deemed legitimately affected by the false link. Thankfully there were so few transactions that we were able to manually screen through them. Appreciate the support and love you guys."

Total Amount Recovered

There do not appear to have been any funds recovered in this case.

What funds were recovered? What funds were reimbursed for those affected users?

Ongoing Developments

What parts of this case are still remaining to be concluded?

General Prevention Policies

It is recommended to be extremely cautious of any links posted on Discord, given the repeated hacks of the platform. Users need to be cautious with any posted links. Always check any communication against multiple official sources of a project.

Platforms should be extremely cautious regarding the permissions which are granted via Discord, and limit the access levels to critical functionality. Discord should improve their security and offer multi-signature permissions for key functions. Ideally, public groups should be managed from an exclusive account which isn't used for anything else.

Individual Prevention Policies

No specific policies for individual prevention have yet been identified in this case.

For the full list of how to protect your funds as an individual, check our Prevention Policies for Individuals guide.

Platform Prevention Policies

Policies for platforms to take to prevent this situation have not yet been selected in this case.

For the full list of how to protect your funds as a financial service, check our Prevention Policies for Platforms guide.

Regulatory Prevention Policies

No specific regulatory policies have yet been identified in this case.

For the full list of regulatory policies that can prevent loss, check our Prevention Policies for Regulators guide.

References

  1. KaijuKingz (Jul 14, 2022)
  2. Kaiju Kingz - NFT Overview (Jul 14, 2022)
  3. https://opensea.io/collection/kaiju-kingz (Jul 14, 2022)
  4. @nftherder Twitter (Jul 16, 2022)
  5. 5.00 5.01 5.02 5.03 5.04 5.05 5.06 5.07 5.08 5.09 5.10 5.11 5.12 5.13 Kaiju Kingz Analysis - Zayd - Medium (Jul 16, 2022)
  6. @Zeneca_33 Twitter (Jul 17, 2022)
  7. @KaijuKingz Twitter (Jul 17, 2022)
  8. @KaijuKingz Twitter (Jul 17, 2022)
  9. @NFTherder Twitter (Jul 17, 2022)
  10. @johnj1138 Twitter (Jul 17, 2022)
  11. @ChainDash Twitter (Jul 17, 2022)
  12. @nfthater Twitter (Jul 17, 2022)
  13. @BonafideNFT Twitter (Jul 17, 2022)
  14. @brrrocto Twitter (Jul 17, 2022)
  15. @Niftycrypt Twitter (Jul 17, 2022)
  16. @SharpMatter_ Twitter (Jul 17, 2022)
  17. @SharpMatter_ Twitter (Jul 17, 2022)
  18. @Abstrusus1 Twitter (Jul 17, 2022)
  19. @NFT_Safety Twitter (Jul 17, 2022)
  20. @NFTweb_3 Twitter (Jul 17, 2022)
  21. @nftgio Twitter (Jul 17, 2022)
  22. @Niftycrypt Twitter (Jul 17, 2022)
  23. @laksnft Twitter (Jul 17, 2022)
  24. @ZsMann Twitter (Jul 17, 2022)
  25. @Yarieos Twitter (Jul 17, 2022)
  26. @KaijuKingz Twitter (Jul 17, 2022)
  27. 27.00 27.01 27.02 27.03 27.04 27.05 27.06 27.07 27.08 27.09 27.10 27.11 27.12 KaijuKingz Homepage (Jul 14, 2022)
  28. 28.0 28.1 28.2 28.3 28.4 Kaiju Kingz - NFT Overview - Lucky Trader (Jul 14, 2022)
  29. 29.0 29.1 29.2 29.3 Kaiju Kingz Collection - OpenSea (Jul 14, 2022)
Retrieved from "https://quadrigainitiative.com/cryptocurrencyhackscamfraudwiki/index.php?title=Kaiju_Kingz_Discord_Hacked&oldid=4694"