Aug 2024 - Polygon Discord Compromise Airdrop Phishing - $154k (Global)
"Polygon is a protocol and a framework for building and connecting Ethereum-compatible blockchain networks. Aggregating scalable solutions on Ethereum supporting a multi-chain Ethereum ecosystem." "Polygon is an open source project built by decentralized team of contributors from all over the world."
"We envision an open, borderless world. A world in which people and machines collaborate and exchange value globally and freely, without gatekeepers or intermediaries. A world in which communities thrive, unconstrained by artificial borders and archaic regulations." "We don’t believe in traditional companies, hierarchy and management. Anyone is welcome to contribute code, ideas or anything else that can help make our vision a reality!"
"Polygon combines the best of Ethereum and sovereign blockchains into a full-fledged multi-chain system. Polygon solves pain points associated with Blockchains, like high gas fees and slow speeds, without sacrificing on security. This multi-chain system is akin to other ones such as Polkadot, Cosmos, Avalanche etc, but with at least three major upsides: (1) It is able to fully benefit from Ethereum’s network effects. (2) It is inherently more secure. (3) It is more open and powerful."
"Polygon combines the best of Ethereum and sovereign blockchains into an attractive feature set." "Ethereum is the blockchain development platform of choice, but it has limitations. Low Throughput. Poor UX (gas, delayed PoW finality). No sovereignty (shared throughput/clogging risk, tech stack not customizable, governance dependence)." "Many projects are exploring Ethereum-compatible blockchains as a way to mitigate these limitations while still leveraging Ethereum’s thriving ecosystem."
"Web3, Aggregated." "Enabling an infinitely scalable web of sovereign blockchains that feels like a single chain. Powered by ZK tech." "30% Claimed. 4,000,000 $POL Left @everyone"
"The phishing attack leveraged the network’s token transition to deceive users, prompting Polygon to disable bots and increase security as it approaches the September 4 launch."
"@0xPolygon hey is your discord hacked? There are scam links being posted in the announcements channel and I got a timeout for highlighting this in the support channel."
"Mudit Gupta, the Chief Information Security Officer of Polygon, stated on the X platform that the Polygon Community Discord has been compromised. He advised users not to click on any links within the server as the team is working to regain control."
"PSA: Do not click on any links in the @0xPolygon community discord until further notice.
It has been compromised and we're trying to get back ownership."
"Update: We've regained access and currently cleaning up all the changes made by the hacker to make sure they can't come back."
"The server is secured again. We'll share a post mortem once we're done with reviewing everything."
Further Analysis
Polygon is a popular protocol and a framework for building and connecting Ethereum-compatible blockchain networks. Just prior to the Polygon network's official upgrade from MATIC To Poly, their Discord account started promoting an airdrop of additional Poly tokens. Polygon security officer Mudit Gupta posted on Twitter some time later to inform the community, and this was subsequently retweeted by the official Polygon account. However, this was far too late for many users who lost funds, including at least one user losing $150,000 USD. The Polygon team promised a post-mortem to be released. Neither a post-mortem nor plans to assist victims could be located.
How Could This Have Been Prevented?
More Cryptocurrency Exchange Hacks/Scams/Frauds
Avalanche Official Discord Compromise Fake Airdrop > > < < Artela Discord Compromise Fake Airdrop
Sources/Further Reading
SlowMist Hacked - SlowMist Zone (Dec 31)
@Mudit__Gupta Twitter (Dec 31)
@SuperDutyPT Twitter (Dec 31)
@codemon_ Twitter (Dec 31)
@fishman18066236 Twitter (Dec 31)
@Crypto_0mega Twitter (Dec 31)
@dogeXbirdapp Twitter (Dec 31)
@Mudit__Gupta Twitter (Dec 31)
@samkoyna Twitter (Dec 31)
Ethereum Transaction Hash (Txhash) Details | Etherscan
(Dec 31)
@Mudit__Gupta Twitter (Dec 31)
@ValidatorK Twitter (Dec 31)
@0xPolygon Twitter (Dec 31)
@CryptoMiox Twitter (Dec 31)
@FilipDobrut Twitter (Dec 31)
@CryptoMiox Twitter (Dec 31)
@Sexyy_NFT Twitter (Dec 31)
@Crypto_0mega Twitter (Dec 31)
@shadabk2005 Twitter (Dec 31)
@parrot_coins Twitter (Dec 31)
@TheCrypto_B Twitter (Dec 31)
@TheCrypto_B Twitter (Dec 31)
@Ether_Authority Twitter (Dec 31)
@CryptoChiefNews Twitter (Dec 31)
@_ZoneCrypto_ Twitter (Dec 31)
@_ZoneCrypto_ Twitter (Dec 31)
@RoundtableSpace Twitter (Dec 31)
@RoundtableSpace Twitter (Dec 31)
@VooDooNemesi Twitter (Dec 31)
@RoundtableSpace Twitter (Dec 31)
@akashbitcoins Twitter (Dec 31)
@_Brutal_BTC_ Twitter (Dec 31)
@YannToken Twitter (Dec 31)
@Cryptohuhterz Twitter (Dec 31)
@Web3Market_site Twitter (Dec 31)
@tokenwars_io Twitter (Dec 31)
@Crypto_TownHall Twitter (Dec 31)
@Reggie_Coin Twitter (Dec 31)
@BowTiedPickle Twitter (Dec 31)
@ZoneCrypto_feed Twitter (Dec 31)
@lypp Twitter (Dec 31)
@ibcgroupio Twitter (Dec 31)
@BoringSecDAO Twitter (Dec 31)
@0xPolygon Twitter (Dec 31)
Polygon:Discord已恢复保护和访问权限,但外部机器人和集成暂时禁用 - PANews (Dec 31)
x.com (Dec 31)
 t.me/QuadrigaInitiative
|
 /r/QuadrigaInitiative
|
 @QuadrigaInit
|
 info@quadrigainitiative.com
|