Hi Minimalists, In the early hours of this morning a hack was executed on our Discord server. The perpetrator: Banned any user from the server they could, that they felt had the authority to stop them executing their hack Deleted or attempted to delete any channel with high activity (to slow anyone raising the alarm) Added a bot to the server via a web hook Used this bot to post detail of a fake airdrop, containing a link which allowed them to empty the wallets of any user who fell victim to them Banned any user that attempted to warn other users They had done their homework & knew that the admins would likely be asleep at the time they performed the hack. They hadn’t banked on some of the team still being active at this time and thankfully we were able to stop the hack, but not before some of you fell victim to it. We can only apologise to those that have had their ETH wallets compromised and wish we could have acted faster. How did this happen? On reviewing the audit log and the actions of the hacker, we have established that this incident implemented the Inferno Drainer hack. We now know that we weren't the only server attacked in this way recently. There was a vulnerability in our Roles setup previously unknown to us which was exploited. What steps have we taken? As already reported the site related to the fake airdrop has been taken down We have now gone through each and every role on the server to eliminate the attack vector. We have banned the accounts created by the hacker We are in the process of restoring the deleted channels & roles of those users who the hacker banned What about the fake airdrop post? The hacker themselves posed as one of our Mods SherpaHill, after compromising their account. It wasn't about them specifically though, it could have been any one of our Mods - they just got unlucky, Sherpa is in touch with Discord Support to understand exactly how they got compromised, in order to prevent it happening again. They have also created a new account, to isolate the old one that had been breached. I know that they won't mind me saying that they feel devastated that this has happened through their account & we know that you will rally around them at this time. Announcements of any kind in the past, present & future will only ever come from one of the core team - a Server Owner or Community Team member - never a Mod. More than this, we never drop announcements out of nowhere. We always telegraph what we are doing ahead of time, to ensure that you know that when we announce something it is expected and legitimate. This hacker preyed on your excitement and goodwill, which upsets us greatly. We are doing everything we can to ensure it doesn’t happen again. Please help us by not interacting with any announcement posts in any channels that haven’t clearly come from a member of the core team. Thanks,