Root-cause analysis not yet published. The incident description below contains all currently available signal — review the attack transaction directly for definitive forensics.
On September 1, community users discovered that Gitcoin’s official twitter account was suspected to have been stolen. The thief had used the account to post some phishing information. On September 9, Gitcoin tweeted that it had regained access to the official Twitter account. In the details of the incident later released by the official, Gitcoin stated that it still did not know how the thief bypassed the 2FA verification, but it would continue to investigate and implement stricter security measures in the future. Attack method (per SlowMist): Account Compromise. Reported loss: -.
- chain
- —
- protocol
- Gitcoin
- bug_class
- phishing
- date_occurred
- 2023-09-01
- loss_usd
- —
- source_id
- sm:gitcoin::2023-09-01