We’ve regained access and control over the Ceramic discord and locked out the hackers. We’re redoubling security and restoring previous roles and settings, but as of ~6pm ET we’ve re-gained control and eliminated the malicious posters and posts.
We’ll post a full post-mortem soon, but this looks to have been a highly coordinated attack by a group called pink drainer. They gained control of a core team members discord and used it to take control of the server, as they’ve done with a number of other leading Web3 projects recently.
Luckily, we fully regained control within 5 hours and relatively little funds (0.93476 ETH or ~$1710) were siphoned in this phishing attempt. We’ll be trying to contact those impacted in next day. If you’ve been affected by the attack, please reach out to us at team@3box.io.
Huge thanks to the Metamask, discord, LearnWeb3, ENS and the many, many community members who responded so quickly and effectively to help us contain the damage.
This was not our finest afternoon, but it’s part of operating in Web3 and we’ll learn from it, improve, and make sure we’re serving and protecting Ceramic’s community of Web3 builders. Full write-up from the team to follow, in the meantime please share any questions or thoughts here. Thanks again for your patience and understanding.