Polygon Discord Compromise Airdrop Phishing
Polygon is a popular protocol and a framework for building and connecting Ethereum-compatible blockchain networks. Just prior to the Polygon network's official upgrade from MATIC to Poly, their Discord account started promoting an airdrop of additional Poly tokens. Polygon security officer Mudit Gupta posted on Twitter some time later to inform the community, and this was subsequently retweeted by the official Polygon account. However, this was far too late for many users who lost funds, including at least one user who lost $150,000 USD. The Polygon team promised that a post-mortem would be released. Neither a post-mortem nor plans to assist victims could be located.[1][2][3][4][5][6][7][8][9][10][11][12][13][14][15][16][17][18][19][20][21][22][23][24][25][26][27][28][29][30][31][32][33][34][35][36][37][38][39][40][41][42][43][44][45][46]
About Polygon
"Polygon is a protocol and a framework for building and connecting Ethereum-compatible blockchain networks. Aggregating scalable solutions on Ethereum supporting a multi-chain Ethereum ecosystem." "Polygon is an open source project built by decentralized team of contributors from all over the world."
"We envision an open, borderless world. A world in which people and machines collaborate and exchange value globally and freely, without gatekeepers or intermediaries. A world in which communities thrive, unconstrained by artificial borders and archaic regulations." "We don’t believe in traditional companies, hierarchy and management. Anyone is welcome to contribute code, ideas or anything else that can help make our vision a reality!"
"Polygon combines the best of Ethereum and sovereign blockchains into a full-fledged multi-chain system. Polygon solves pain points associated with Blockchains, like high gas fees and slow speeds, without sacrificing on security. This multi-chain system is akin to other ones such as Polkadot, Cosmos, Avalanche etc, but with at least three major upsides: (1) It is able to fully benefit from Ethereum’s network effects. (2) It is inherently more secure. (3) It is more open and powerful."
"Polygon combines the best of Ethereum and sovereign blockchains into an attractive feature set." "Ethereum is the blockchain development platform of choice, but it has limitations. Low Throughput. Poor UX (gas, delayed PoW finality). No sovereignty (shared throughput/clogging risk, tech stack not customizable, governance dependence)." "Many projects are exploring Ethereum-compatible blockchains as a way to mitigate these limitations while still leveraging Ethereum’s thriving ecosystem."
"Web3, Aggregated." "Enabling an infinitely scalable web of sovereign blockchains that feels like a single chain. Powered by ZK tech." "30% Claimed. 4,000,000 $POL Left @everyone"
The Reality
This section is included if a case involved deception or information that was unknown at the time. Examples include:
- When the service was actually started (if different than the "official story").
- Who actually ran a service and their own personal history.
- How the service was structured behind the scenes. (For example, there was no "trading bot".)
- Details of what audits reported and how vulnerabilities were missed during auditing.
What Happened
"Ahead of its scheduled mainnet upgrade from MATIC to POL tokens, Polygon suffered a Discord breach that led to $145,000 in losses for one user."
Date | Event | Description |
---|---|---|
August 24th, 2024 12:41:00 AM MDT | Shabad.eth Tweet | Twitter user Shabad.eth asks if the Discord has been compromised and notes that there are spam links being posted in the channel presently. |
August 24th, 2024 12:44:00 AM MDT | Mudit Gupta Tweet | Mudit Gupta posts a tweet to notify the community of the breached Discord server. At this time, the Polygon team is reportedly working to regain control. |
August 24th, 2024 12:54:00 AM MDT | Screenshot Of Scam Posts | A screenshot is posted of the scam post, which is a pre-launch airdrop for the Matic to Polygon transition. |
August 24th, 2024 1:43:00 AM MDT | Massive Fund Loss | One user reports losing $150,000 USD from one of their Ethereum pools in one go. They ask what responsibility Polygon will take, since Polygon did not mention the scam link on its main Twitter account. |
August 24th, 2024 1:50:23 AM MDT | User Lost Funds | A blockchain transaction transferring 0.25 ETH occurs, which Twitter user jadhav.eth (@samkoyna) reports as ETH that they lost. |
August 24th, 2024 3:43:00 AM MDT | Discord Access Regained | Mudit Gupta reports that they have regained access to the server and are currently cleaning up any changes which may have been made by the hacker to make sure they can't regain access. |
August 24th, 2024 8:14:00 AM MDT | Server Reported Secured | The official Polygon Twitter account reports that the server is secured again. Mudit Gupta retweets and confirms that the server is now secured. They believe they've cleaned everything up, and a postmortem will be coming shortly. |
Technical Details
"The phishing attack leveraged the network’s token transition to deceive users, prompting Polygon to disable bots and increase security as it approaches the September 4 launch."
Total Amount Lost
The total amount lost has been estimated at $154,000 USD.
How much was lost and how was it calculated? If there are conflicting reports, which are accurate and where does the discrepancy lie?
Immediate Reactions
"@0xPolygon hey is your discord hacked? There are scam links being posted in the announcements channel and I got a timeout for highlighting this in the support channel."
"Mudit Gupta, the Chief Information Security Officer of Polygon, stated on the X platform that the Polygon Community Discord has been compromised. He advised users not to click on any links within the server as the team is working to regain control."
"PSA: Do not click on any links in the @0xPolygon community discord until further notice.
It has been compromised and we're trying to get back ownership."
Ultimate Outcome
"Update: We've regained access and currently cleaning up all the changes made by the hacker to make sure they can't come back."
"The server is secured again. We'll share a post mortem once we're done with reviewing everything."
Total Amount Recovered
There do not appear to have been any funds recovered in this case.
What funds were recovered? What funds were reimbursed for those affected users?
Ongoing Developments
What parts of this case are still remaining to be concluded?
Individual Prevention Policies
No specific policies for individual prevention have yet been identified in this case.
For the full list of how to protect your funds as an individual, check our Prevention Policies for Individuals guide.
Platform Prevention Policies
Policies for platforms to take to prevent this situation have not yet been selected in this case.
For the full list of how to protect your funds as a financial service, check our Prevention Policies for Platforms guide.
Regulatory Prevention Policies
No specific regulatory policies have yet been identified in this case.
For the full list of regulatory policies that can prevent loss, check our Prevention Policies for Regulators guide.
References
- ↑ SlowMist Hacked - SlowMist Zone (Accessed Sep 16, 2024)
- ↑ @Mudit__Gupta Twitter (Accessed Sep 18, 2024)
- ↑ @SuperDutyPT Twitter (Accessed Sep 18, 2024)
- ↑ @codemon_ Twitter (Accessed Sep 18, 2024)
- ↑ @fishman18066236 Twitter (Accessed Sep 18, 2024)
- ↑ @Crypto_0mega Twitter (Accessed Sep 18, 2024)
- ↑ @dogeXbirdapp Twitter (Accessed Sep 18, 2024)
- ↑ @Mudit__Gupta Twitter (Accessed Sep 18, 2024)
- ↑ @samkoyna Twitter (Accessed Sep 18, 2024)
- ↑ Ethereum Transaction Hash (Txhash) Details | Etherscan (Accessed Sep 18, 2024)
- ↑ @Mudit__Gupta Twitter (Accessed Sep 18, 2024)
- ↑ @ValidatorK Twitter (Accessed Sep 18, 2024)
- ↑ @0xPolygon Twitter (Accessed Sep 18, 2024)
- ↑ @CryptoMiox Twitter (Accessed Sep 18, 2024)
- ↑ @FilipDobrut Twitter (Accessed Sep 18, 2024)
- ↑ @CryptoMiox Twitter (Accessed Sep 18, 2024)
- ↑ @Sexyy_NFT Twitter (Accessed Sep 18, 2024)
- ↑ @Crypto_0mega Twitter (Accessed Sep 18, 2024)
- ↑ @shadabk2005 Twitter (Accessed Sep 18, 2024)
- ↑ @parrot_coins Twitter (Accessed Sep 18, 2024)
- ↑ @TheCrypto_B Twitter (Accessed Sep 18, 2024)
- ↑ @TheCrypto_B Twitter (Accessed Sep 18, 2024)
- ↑ @CryptoChiefNews Twitter (Accessed Sep 18, 2024)
- ↑ @_ZoneCrypto_ Twitter (Accessed Sep 18, 2024)
- ↑ @_ZoneCrypto_ Twitter (Accessed Sep 18, 2024)
- ↑ @RoundtableSpace Twitter (Accessed Sep 18, 2024)
- ↑ @RoundtableSpace Twitter (Accessed Sep 18, 2024)
- ↑ @VooDooNemesi Twitter (Accessed Sep 18, 2024)
- ↑ @RoundtableSpace Twitter (Accessed Sep 18, 2024)
- ↑ @akashbitcoins Twitter (Accessed Sep 18, 2024)
- ↑ @_Brutal_BTC_ Twitter (Accessed Sep 18, 2024)
- ↑ @YannToken Twitter (Accessed Sep 18, 2024)
- ↑ @Cryptohuhterz Twitter (Accessed Sep 18, 2024)
- ↑ @Web3Market_site Twitter (Accessed Sep 18, 2024)
- ↑ @tokenwars_io Twitter (Accessed Sep 18, 2024)
- ↑ @Crypto_TownHall Twitter (Accessed Sep 18, 2024)
- ↑ @Reggie_Coin Twitter (Accessed Sep 18, 2024)
- ↑ @BowTiedPickle Twitter (Accessed Sep 18, 2024)
- ↑ @ZoneCrypto_feed Twitter (Accessed Sep 18, 2024)
- ↑ @lypp Twitter (Accessed Sep 18, 2024)
- ↑ @ibcgroupio Twitter (Accessed Sep 18, 2024)
- ↑ @BoringSecDAO Twitter (Accessed Sep 18, 2024)
- ↑ @0xPolygon Twitter (Accessed Sep 18, 2024)
- ↑ Polygon: Discord has been re-secured and access restored, but external bots and integrations are temporarily disabled - PANews (Accessed Sep 18, 2024)
- ↑ x.com (Accessed Sep 18, 2024)