Usual Money Discord Breach Fake Airdrop

From Quadriga Initiative Cryptocurrency Hacks, Scams, and Frauds Repository
Jump to navigation Jump to search

Notice: This page is a freshly imported case study from an original repository. While the original content had a similar format, some sections may not have been fully completed. Please help fill in any empty sections or any missing information you can find. If you are new here, please read General Tutorial on Wikis or Anatomy of a Case Study for help getting started.

Notice: This page contains sources which are not attributed to any text. The unattributed sources follow the initial description. Please assist by visiting each source, reviewing the content, and placing that reference next to any text it can be used to support. Feel free to add any information that you come across which isn't present already. Sources which don't contain any relevant information can be removed. Broken links can be replaced with versions from the Internet Archive. See General Tutorial on Wikis, Anatomy of a Case Study, and/or Citing Your Sources Guide for additional information. Thanks for your help!

Usual Money Logo/Homepage

Usual Money pitches their stablecoin as an alternative to incumbents Tether and Circle, allowing holders to gain not just profits but also ownership in the protocol. A hacker decided they wanted some ownership of the Discord channel, launching a phishing link that promised even more profits to the community through a new rewards program. It is unclear if any users fell for the phishing link, and even exactly how long the link remained present.[1][2][3][4][5][6][7][8][9][10][11][12][13][14][15][16][17][18][19][20][21][22][23][24][25]

About Usual Money

"Stablecoin infra for the un-tethered era. Usual is a secure and decentralized fiat-backed stablecoin issuer that redistributes ownership and value through the $USUAL token."

"Usual is a multi-chain infrastructure that aggregates the growing tokenized Real-World Assets (RWAs) from entities like BlackRock, Ondo, Mountain Protocol, M0 or Hashnote to transform them into a permissionless, on-chain verifiable, and composable stablecoin (USD0)."

"Usual is built around the redistribution of power and ownership to users & third parties, akin to a scenario where Tether’s TVL providers would own the company and the associated revenues."

"Each year, users give billions to fiat-backed stablecoin issuers. Usual reinvents this by providing a bankless account with a more transparent and secure stablecoin, while also offering better opportunities to its users."

"We rebuild Tether infrastructure 100% onchain." "Usual is a versatile multi-chain blockchain infrastructure. It aggregates the Real-World Assets from entities like BlackRock, Ondo, and Hashnote, transforming them into a safer, permissionless, verifiable, and composable stablecoin."

"You've been waiting, it's here: Usual's Reward Claims*! We're thrilled to announce that Usual is launching a rewards airdrop for our active platform users and dedicated community members! Who's eligible?: Active users of the Usual platform & Holders and Stakers of $USDO. How to check eligibility?: Visit our claim portal and connect your wallet to see if you qualify. What's being distributed?: 250,000 $USDO.

Stay tuned for more details! We'll be sharing additional information in the coming days. Thank you for being part of the Usual community. Your continued support and engagement makes initiatives like this possible!"

The Reality

This sections is included if a case involved deception or information that was unknown at the time. Examples include:

  • When the service was actually started (if different than the "official story").
  • Who actually ran a service and their own personal history.
  • How the service was structured behind the scenes. (For example, there was no "trading bot".)
  • Details of what audits reported and how vulnerabilities were missed during auditing.

What Happened

"The stablecoin protocol Usual posted on X to alert users that its official Discord server has been hacked."

Key Event Timeline - Usual Money Discord Breach Fake Airdrop
Date Event Description
July 10th, 2024 6:30:00 AM MDT Public Mainnet Launch The Usual Money project annoucnes the launch of a public mainnet.
August 8th, 2024 4:51:00 AM MDT Pendle Finance Launch The Usual Money stablecoin is now tradable on Pendle Finance.
August 30th, 2024 8:01:00 PM MDT Twitter Users Notice Hack Madridiotpendu7 is the first to Tweet about the hacked Discord - twice. User b0x_in would notice and ask 5 minutes later.
August 30th, 2024 8:55:00 PM MDT Screenshot Shared Tweet User Sedaprasanyaad is among the users to confirm the hack and provides a screenshot of the phishing link which was posted.
August 30th, 2024 9:07:00 PM MDT Discord Is Hack Currently The Usual Money protocol takes to Twitter to notify their community that their "discord is hack currently".
August 30th, 2024 9:21:00 PM MDT Discord Has Been Hacked "Our Discord has been hacked. Please do not click on any links."
September 1st, 2024 2:55:00 PM MDT Confusion About Discord Usual Money made no announcement when the Discord was fixed. As a result, a Turkish user with username blckbld0 was confused and asks if there's anything wrong with the Discord.
September 2nd, 2024 3:33:00 AM MDT Discord Confirmed Fixed The Turkish user is told that the issue has been fixed.
September 27th, 2024 2:00:00 AM MDT Usual Money Discord Invite Usual Money invites you to join "the rest of the Usual Raccoons on Discord" on order to "stay ahead of the game".

Technical Details

This section includes specific detailed technical analysis of any security breaches which happened. What specific software vulnerabilities contributed to the problem and how were they exploited?

Total Amount Lost

The total amount lost is unknown.

How much was lost and how was it calculated? If there are conflicting reports, which are accurate and where does the discrepancy lie?

Immediate Reactions

"Our discord is hack currently. Do not click on any link please."

"Our Discord has been hacked. Please do not click on any links."

Ultimate Outcome

What was the end result? Was any investigation done? Were any individuals prosecuted? Was there a lawsuit? Was any tracing done?

Total Amount Recovered

There do not appear to have been any funds recovered in this case.

What funds were recovered? What funds were reimbursed for those affected users?

Ongoing Developments

What parts of this case are still remaining to be concluded?

Individual Prevention Policies

No specific policies for individual prevention have yet been identified in this case.

For the full list of how to protect your funds as an individual, check our Prevention Policies for Individuals guide.

Platform Prevention Policies

Policies for platforms to take to prevent this situation have not yet been selected in this case.

For the full list of how to protect your funds as a financial service, check our Prevention Policies for Platforms guide.

Regulatory Prevention Policies

No specific regulatory policies have yet been identified in this case.

For the full list of regulatory policies that can prevent loss, check our Prevention Policies for Regulators guide.

References

  1. SlowMist Hacked - SlowMist Zone (Accessed Sep 25, 2024)
  2. @usualmoney Twitter (Accessed Sep 27, 2024)
  3. @usualmoney Twitter (Accessed Sep 27, 2024)
  4. @usualmoney Twitter (Accessed Sep 27, 2024)
  5. Usual (Accessed Sep 27, 2024)
  6. What is Usual? | Usual Docs (Accessed Sep 27, 2024)
  7. Why Usual? | Usual Docs (Accessed Sep 27, 2024)
  8. @usualmoney Twitter (Accessed Sep 27, 2024)
  9. @usualmoney Twitter (Accessed Sep 27, 2024)
  10. @Madridiotpendu7 Twitter (Accessed Sep 27, 2024)
  11. @Madridiotpendu7 Twitter (Accessed Sep 27, 2024)
  12. @Sedaprasanyaad Twitter (Accessed Sep 27, 2024)
  13. @b0x_in Twitter (Accessed Sep 27, 2024)
  14. @TheACKx Twitter (Accessed Sep 27, 2024)
  15. @blckbld0 Twitter (Accessed Sep 27, 2024)
  16. @Mikeong_88 Twitter (Accessed Sep 27, 2024)
  17. @PedroJordan06 Twitter (Accessed Sep 27, 2024)
  18. @deficorner Twitter (Accessed Sep 27, 2024)
  19. @m3gaxbt Twitter (Accessed Sep 27, 2024)
  20. @kwt_thomas Twitter (Accessed Sep 27, 2024)
  21. @yarvadehtaga Twitter (Accessed Sep 27, 2024)
  22. @MaskaraChico Twitter (Accessed Sep 27, 2024)
  23. @LaVita1990 Twitter (Accessed Sep 27, 2024)
  24. @Crypto_Pilote Twitter (Accessed Sep 27, 2024)
  25. @tramcamap Twitter (Accessed Sep 27, 2024)
Retrieved from "https://quadrigainitiative.com/cryptocurrencyhackscamfraudwiki/index.php?title=Usual_Money_Discord_Breach_Fake_Airdrop&oldid=6195"