Thank you!

Thank youThank youThank youThank youThank youThank youThank you


Thanks for pointing this out to us @Kabirraya - after discussing everything in more depth, my initial assessment of what happened is the following:

  • Twitter shortens URL to discord invite (no idea why)
  • Some scammer registers this new, shorter URL as an invite
  • creates fake API3 discord, installs bot that makes a signature request “for verification”
  • the signature request allows them to spend your tokens (in this case, BNB)
  • your tokens are moved by the scammer to a wallet they control

I note a DAO member has already replaced the BNB you lost (to a different wallet address you control) as a gesture of appreciation for helping highlight this issue. I am not aware of any current needs API3 have to get users to sign messages using their wallet, so all of these should be considered scams. On the whole I would be wary of having to sign messages that aren’t readable and easily understood anyway