Aug 2024 - ZkSync Official Discord Compromise Fake Airdrop - $Unknown (Global)
"ZKsync is an ever expanding verifiable blockchain network, secured by math."
"ZK chains are high performance, verifiable, modular rollups and validiums powered by ZKsync. United in an elastic network, ZK chains can be added or expanded to handle increased transaction volume without affecting costs or hardware requirements for verification."
"ZK chains provide native, frictionless interoperability presented in a consistent and easy-to-use interface. This enables trustless communication and asset transfers between chains leveraging the full range of users and liquidity across the entire ZK chain ecosystem. Unlike traditional, centralized solutions, this protocol relies solely on cryptography for security."
"ZKsync offers secure one-tap onboarding via FaceID/Passkeys, eliminating the need for seed phrases and reducing the risk of hacks. By automatically creating modular smart accounts at the protocol level, ZKsync enables a delightful, customizable UX, allowing users to seamlessly access all ZK chains with what feels like a single account directly from their application."
"It's time for round 2 of the $ZK airdrop. For all those who believed and continued to build with us and be apart of the future of crypto, we have a surprise for you.
We have seen staggering growth and incredible support from our amazing community. We appreciate, and thank each and every one of you, so we wanted to make round 2 something special, something that rewards the loyal supporters of our community.
We have so much planned, and still have so many more surprises for our builders and loyal supporters. This is only the beginning.
Stay tuned for our Twitter AMA being hosted shortly."
"only one hour after the Avalanche exploit, the official Discord of the ZkSync was also reportedly compromised.
Hackers once again shared malicious links to a sham “round 2 airdrop” scheme, promising users free ZK tokens."
"Scam Links We're investigating some comrpmised accounts posting scam links across the Discord Server. Please do not click on any unknown links or any links potsed to prevent from being scammed. We'll keep everyone updated as we find more information."
"PANews August 26 news, according to Cointelegraph, inLess than 48 hours after Polygon’s Discord was invaded yesterday, The official Discord servers of L1 network Avalanche and L2 chain ZKsync have also been attacked one after another. The Avalanche team has found “ that this problem has been solved and is working hard to get the server back to normal. Only one hour after the Avalanche loophole was exploited, ZkSync official Discord was also invaded, and hackers again shared the malicious link of the false “ second round of airdrop ” program, promising to provide users with free ZK tokens. Some ZkSync team members have noticed the loophole."
"Just an hour after Avalanche’s servers were compromised, the official ZkSync Discord was also hit. Once again, hackers shared links to the round 2 airdrop scam which tricks users into thinking they are getting free ZK tokens.
Unlike Avalanche, ZKsync is yet to address the issue on X but a number of team members have brought attention to the breach on Discord itself."
"However, only one hour after the Avalanche exploit, the official Discord of the ZkSync was also reportedly compromised.
Hackers once again shared malicious links to a sham “round 2 airdrop” scheme, promising users free ZK tokens.
ZkSync has not addressed the exploit on X however several of ZkSync’s team members have made note of the compromise on Discord.
The attack on Avalanche and zkSync came less than 48 hours after the official Discord for Polygon was compromised in a similar manner, with hackers sharing malicious links throughout the server. "
"However, just an hour later, ZKsync’s official Discord was also targeted by hackers. Similar to the Avalanche attack, the perpetrators shared links to a bogus “round 2 airdrop” scheme, promising free ZK tokens to unsuspecting users. Although ZKsync has not formally addressed the exploit on X, several team members acknowledged the breach on their Discord server."
"Henri Vies, media relations head at Matter Labs — the firm behind ZkSync — said there was “an issue on the ZKsync discord,” and noted that the team had managed to handle it in about 20 minutes and return the sever to normal."
Further Analysis
ZKSync is a protocol which enables trustless communication and asset transfers between different blockchains, improving scalability. On August 25th, the official Discord server began promoting an airdrop offer to users. Users who accepted this promotion would have their assets drained. There is no indication of anyone falling for the scheme. The ZKSync team reports having resolved the issue within 20 minutes, however no specific timeline has been provided to substantiate this claim.
How Could This Have Been Prevented?
More Cryptocurrency Exchange Hacks/Scams/Frauds
1inch Official Discord Phishing Links > > < < Avalanche Official Discord Compromise Fake Airdrop
Sources/Further Reading
SlowMist Hacked - SlowMist Zone (Dec 31)
Avalanche、ZKsync官方Discord服务器遭遇攻击 - PANews (Dec 31)
https://cointelegraph.com/news/polygon-discord-scam-hits-avalanche-zksync-hours-later (Dec 31)
Discord of Blockchain Platform Avalanche & ZKsync Compromised (Dec 31)
Polygon discord compromise hits Avalanche, ZKsync hours later
(Dec 31)
Avalanche and ZKsync Discord Servers Compromised (Dec 31)
@CoinnessGL Twitter (Dec 31)
@hammertoesknows Twitter (Dec 31)
@darkray_musings Twitter (Dec 31)
@Timi34518217 Twitter (Dec 31)
@watzeneth Twitter (Dec 31)
@codeglitch Twitter (Dec 31)
@elulueth Twitter (Dec 31)
@beadce Twitter (Dec 31)
@Ricardo__Gordon Twitter (Dec 31)
@quiniyedios Twitter (Dec 31)
@realmoonverse Twitter (Dec 31)
@iam_melex Twitter (Dec 31)
@weakhand_gg Twitter (Dec 31)
@CryptoMage_YT Twitter (Dec 31)
@MaskaraChico Twitter (Dec 31)
@AliTslm Twitter (Dec 31)
@TheBrownGentYT Twitter (Dec 31)
@valkyrypto Twitter (Dec 31)
@BenniDaytime Twitter (Dec 31)
@911Corp Twitter (Dec 31)
@0xRouss Twitter (Dec 31)
@BadSocialNet Twitter (Dec 31)
@yichuan_drive Twitter (Dec 31)
@DeaKepy Twitter (Dec 31)
@0xKatsuyusama Twitter (Dec 31)
@fabiojr_eth Twitter (Dec 31)
@auguraemali323 Twitter (Dec 31)
@CryptoTraalala Twitter (Dec 31)
@valkyrypto Twitter (Dec 31)
@avaxspaces Twitter (Dec 31)
@TomKeenZK Twitter (Dec 31)
@valkyrypto Twitter (Dec 31)
@buska29270 Twitter (Dec 31)
@ezecZshield Twitter (Dec 31)
@adidshaft Twitter (Dec 31)
@Jon_HQ Twitter (Dec 31)
@ezecZshield Twitter (Dec 31)
@zogpukesucksok Twitter (Dec 31)
@buska29270 Twitter (Dec 31)
ZKsync (Dec 31)
Suspected phishing site | Cloudflare (Dec 31)
 t.me/QuadrigaInitiative
|
 /r/QuadrigaInitiative
|
 @QuadrigaInit
|
 info@quadrigainitiative.com
|