Onyx Protocol Twitter/X Incident (And possibility to recover stolen funds)


The @OnyxProtocol Twitter/X account was compromised on July 1st. It was recovered on July 9th. The incident occurred as follows and transparency around the situation is detailed below:

Summary: The @OnyxProtocol account was secured via a 10+ character password with a combination of alpha numeric, case variance, and symbols. The account was secured via a Google Authenticator 2FA (not SMS). The malicious actor used a zero-day method to get access to the account and bypassed both account password and 2FA.

After X/Twitter staff finally responded to the situation, it was explained that an internal method was used to access the account and it based on the information collected it was a zero day compromise.

Timeline of events:

• On July 1, At 12:58pm PST, there was a password reset request to the ••••••••@••••.••• email account.

• On July 1, 1:29pm PST, a login from Japan on an Android device came which was unauthorized.

• Then at 1:57pm PST a password was reset and 2FA reset to a new 2FA.

• At 2:00pm PST, the DAO was unable to access the account there after

• On July 1 and multiple days after, the community opened several tickets which none were answered properly

• Finally on July 9, the DAO regained access to the account

For those affected

Email info@onyx.org details about your interactions with the malicious links and the DAO will work with the individuals to recover funds.

Glad its back now . also good you guys applied golden tick

what happened to the new X account ? :thinking:

Golden verification is smart move . Good work :sunglasses: