NEAR Protocol Hacks Their Own Twitter Again
The Near Protocol Rainbow Bridge allows the transfer of tokens between the Ethereum, Near, and Aurora blockchain networks. After success with their previous campaign in May, Near Protocol has once again employed a very clever marketing strategy of faking a hack on their Twitter account. Multiple sources once again came to believe that the Twitter account had been hacked, although the "hacked" posts are clearly intended as marketing for a new event and have remained online. The situation ended with Near Protocol misstating the time of the hack by over an hour and claiming that their security investigation was conducted by Mike Rotch.[1][2][3][4][5][6][7][8][9][10][11][12][13][14][15]
About Near Protocol
The NEAR Rainbow Bridge is a solution for scalability in blockchain networks, particularly for Ethereum[1]. The ETH <> NEAR Rainbow Bridge enables seamless migration of assets from Ethereum to NEAR's low-cost and developer-friendly platform. Due to increased demand on the Ethereum network, users can now bridge their assets to NEAR and enjoy faster transactions without compromising speed.
The Rainbow Bridge is a trustless and permissionless protocol, enabling anyone to deploy, use, or maintain a bridge without requiring approval. It addresses the congestion and high gas fees associated with increased transactions. It allows cryptographic proof on NEAR to be usable in Ethereum contracts and vice versa, facilitating activities like voting with ETH balances in NEAR DAOs. The bridge is accessible through the ETH Faucet and MetaMask wallet, and transactions on NEAR confirm in 1-2 seconds at a low cost. While transferring assets from Ethereum to NEAR takes about six minutes and incurs an average cost of $10, sending assets back to Ethereum currently takes up to sixteen hours and costs around $60. However, these costs and speeds are expected to improve in the future. The Rainbow Bridge is available to everyone, offering advantages in speed and cost for transferring ERC-20 tokens on NEAR.
NEAR protocol, which uses blockchain sharding technology, serves as the foundation for the Rainbow Bridge. The protocol offers advantages such as Nightshade sharding, Rainbow Bridge, and Aurora, which enable efficient data processing, seamless token swapping between Ethereum and NEAR, and layer 2 scalability. The Rainbow Bridge is decentralized and permissionless, allowing for the transfer of ERC-20 tokens, stablecoins, wrapped tokens, and NFTs. It offers faster confirmation times and lower transaction costs, benefiting both developers and users.
Users can connect to the bridge using WalletConnect, MetaMask, or the Brave crypto wallet. If they don't have a NEAR account, they can create one by logging in with MetaMask and proving ownership of an Ethereum address with a balance of at least 0.05 ETH. The bridge allows popular tokens such as stablecoins (e.g., USDT, DAI), wrapped assets (e.g., WBTC, WETH), DEX tokens (e.g., UNI, 1INCH), lending tokens (e.g., AAVE, COMP), and service company tokens (e.g., HT, CRO) to be interoperable with NEAR. The transfer of ERC-20 tokens uses a two-step process of approval and transfer, with the tokens being locked in a token locker contract on Ethereum until they are unlocked on NEAR.
The Reality
This section is included if a case involved deception or information that was unknown at the time. Examples include:
- When the service was actually started (if different than the "official story").
- Who actually ran a service and their own personal history.
- How the service was structured behind the scenes. (For example, there was no "trading bot".)
- Details of what audits reported and how vulnerabilities were missed during auditing.
What Happened
"[A] hacker posted a series of messages attacking the Crypto ecosystem."
Date | Event | Description |
---|---|---|
September 4th, 2024 12:23:00 PM MDT | No Contract Address To Come | The "hacker" makes their first post, where they call everyone in Web3 a "charlatan". |
September 4th, 2024 12:37:00 PM MDT | CoinDesk Twitter Posting | CoinDesk posts on Twitter, apparently claiming that the Near Protocol account appears to be hacked. |
September 4th, 2024 1:09:00 PM MDT | Project Tagging Tweet | The Near Protocol "hacker" invites the audience to "tag your fAVouRiTE project and i'll tell you why it's all a lie". |
September 4th, 2024 1:25:00 PM MDT | Reported Time Of Attack | The reported time of the attack, according to information from Near Protocol. |
September 4th, 2024 1:47:00 PM MDT | Tweet About Traditional Better | A tweet supposedly criticizes the decentralized finance space, stating "my byzantine tolerant fraud proof zk-enabled tech will 100% do this for you just give me five hundred trillion dollars and I'll do what Meta, Google, and Amazon already do just slightly slower". |
September 4th, 2024 1:59:00 PM MDT | Asking For Help Resizing | The hacker supposedly asks for help resizing a crude banner promising "free tokens in bio", which is never actually set as the banner of the account. |
September 4th, 2024 2:14:00 PM MDT | Video Supposedly From Hacker | The video describes cryptocurrency enthusiasts as "curly haired bahama-living scammers". It describes the "better way" of "find[ing] yourself a nice little office job and fit[ting] in with everyone else". |
September 4th, 2024 3:11:00 PM MDT | Fake Official Acknowledgement | Near Protocol posts a video that pretends to be an official Near Protocol announcement, then pretends to be taken over by the hacker, who criticizes the user for being interested in DeFi. |
September 4th, 2024 4:19:00 PM MDT | Official Acknowledgement Of Exploit | The Near Protocol team posts on Twitter including a letter describing their reaction. |
Technical Details
"ohh bro but my byzantine tolerant fraud proof zk-enabled tech will 100% do this for you just give me five hundred trillion dollars and I'll do what Meta, Google, and Amazon already do just slightly slower"
Total Amount Lost
No funds were lost.
Immediate Reactions
"NEAR's official account posted on X, stating that the official X account of NEAR Protocol had been hijacked. The hacker posted a series of messages attacking the Crypto ecosystem."
Ultimate Outcome
"RE: Sept 4th, Hijacked NEARProtocol X Profile Dear NEAR Community, On September 4th, at approximately 14:25 EST, the NEAR Protocol X account was Hijacked. A series of posts were made which, upon initial review, seemed to be an attempt to dissuade, demotivate, and criticize the NEAR, and wider Web3, ecosystems, with a particular focus on slandering the upcoming flagship event [REDACTED], Nov 9-11, Bangkok. Allow me to make this clear: the fight for our digital sovereignty will never stop. We move forward. Unified. Although the identity of the hacker remains unknown, there are reasons to believe that this could have been conducted by the notorious hacker "Four Chan", though, at this time, this remains speculation. Security Assessment The Security Team, led by renowned IT Security Professional Mike Rotch, has thoroughly reviewed the incident and found it to be isolated. There were no attempts to phish the NEAR community through malicious links, contract addresses, or otherwise. Our Response Since day one, the NEAR Ecosystem has had one goal; a world where everyone has full control of their assets, data, and power to dm.. Today, this vision may best be described as a user-owned internet. Inherently, an internet you own intertwined with tech and an ecosystem that works for you is a dramatic shift in the status quo. Many powerful individuals, entities, and organizations wish to retain the status quo and amplify this current paradigm to its full potential. The revolution isn't coming. Its already here. Join us at [REDACTED], Nov 9-11, Bangkok. Building the future, Join the 8-week [REDACTED] online Hackathon beginning today, Sept 5th, with 8500,000+ in prizes up for grabs. [REDACTE] [D]io, Susan Warren, HR Lead NEAR (Formerly Polynnarket, FIX, 3AC)"
Total Amount Recovered
There do not appear to have been any funds recovered in this case.
Ongoing Developments
What parts of this case are still remaining to be concluded?
Individual Prevention Policies
No specific policies for individual prevention have yet been identified in this case.
For the full list of how to protect your funds as an individual, check our Prevention Policies for Individuals guide.
Platform Prevention Policies
Policies for platforms to take to prevent this situation have not yet been selected in this case.
For the full list of how to protect your funds as a financial service, check our Prevention Policies for Platforms guide.
Regulatory Prevention Policies
No specific regulatory policies have yet been identified in this case.
For the full list of regulatory policies that can prevent loss, check our Prevention Policies for Regulators guide.
References
- What is NEAR Rainbow Bridge and How do they work? (Accessed Jan 9, 2023)
- Bridge from Ethereum to NEAR | The Rainbow Bridge (Accessed Jan 9, 2023)
- Rainbow Bridge Guide (full version) - YouTube (Accessed Jan 9, 2023)
- NearBridge | Address 0x3be7df8db39996a837041bb8ee0dadf60f767038 | Etherscan (Accessed Jan 9, 2023)
- @NEARProtocol Twitter (Accessed Oct 15, 2024)
- @NEARProtocol Twitter (Accessed Oct 15, 2024)
- @NEARProtocol Twitter (Accessed Oct 15, 2024)
- @NEARProtocol Twitter (Accessed Oct 15, 2024)
- @NEARProtocol Twitter (Accessed Oct 15, 2024)
- @NEARProtocol Twitter (Accessed Oct 15, 2024)
- @NEARProtocol Twitter (Accessed Oct 15, 2024)
- @CoinDesk Twitter (Accessed Oct 15, 2024)
- @NEARProtocol Twitter (Accessed Oct 15, 2024)
- @NEARProtocol Twitter (Accessed Oct 15, 2024)
- @NEARProtocol Twitter (Accessed Oct 15, 2024)