Draft:United Kingdom Discord Raid 2024

United Kingdom Discord Raid 2024

edit
United Kingdom Discord Raid 2024
RaidersZoriby
Affected Discord Servers11

The United Kingdom Discord Raid occurred on the 25th of October, 2024. The raid targeted a number of Discord servers owned and operated under the Roblox community and group [UK] United Kingdom owned by scjamie. The raid removed all channels within a number of community discords and sent a large number of notifications to users within the servers.

Perpetrators

edit

The raid was carried out through the account of a user with server administrator permissions nicknamed "Zoriby". The users account is thought to have been accessed through Session hijacking, a method in which a link is sent to a user under an alias but is a cover for malware to access the computer system and compromise account access.

Timeline

edit
Time (BST) Description
6.11am Junior Moderation Staff Member bigkiwiboi advises Group Manager DanielJDechart of suspicious activity within a number of community discord servers.
6.15am Raid begins with a discord integrated bot being invited into large community servers.
6.22am Community safeguarding and moderation server is attacked, unnoticeable archived information starts being deleted.
6.23am Group Manager DanielJDechart is notified and logs onto Discord, the raider is identified and is swiftly removed from community servers. At this point, damage is widespread with multiple servers having channels deleted and more than 7,000 notifications sent to users.
6.35am DanielJDechart questions server administrator Zoriby in a private channel, to which Zoriby claims a rogue system developer is to blame for the raid. Unknown to DanielJDechart, Zoriby's account is compromised.
6.36am DanielJDechart identifies Zoriby's account as being compromised following a number of severe profanities and links being sent from The account. Zoriby's account is removed from all community servers.
6.50am Community safeguarding and moderation server attack is now significant, multiple senior staff members are banned and all 3,000 remaining users are given administration permissions; these permissions allow users access to private information and the ability to ban users remotely.
6.51am The Community Administrators scjamie and FaisalWellesley are contacted by DanielJDechart and advised of the raid, the community raid prevention plan (CRPP) is initiated and control is regained almost instantly.
6.56am A number of users report significant issues accessing community servers and are being sent suspicious links and material from compromised accounts.
6.57am scjamie logs on to discord and regains control of the safeguarding and moderation server and the main communication server, the servers collectively contain more than 20,000 members.
7.03am The account Zoriby is confirmed to be removed from all core community servers.
7.05am Community Administrators and Group Managers confirm control is regained and the threat has been removed from majority of the servers.
7.07am The remotely accessible administration bot is disabled by DanielJDechart to prevent remote attacks and abuse by users who gained access.
7.15am Community Administrator FaisalWellesley and Group Manager Tom log on to discord and are briefed on the situation, they begin removing suspicious links and channels from the main communications server.

At the same time, scjamie addresses the community about the raid and reassures users the server has been secured.

7.42am A second and more detailed announcement is released by DanielJDechart to the community, addressing security concerns. Majority of the server members are based within the United Kingdom and are waking up to more than 7,000 notifications on their devices.
8.30am Restoration begins on the core community servers.

Conspiracy Theories

edit

There are a number of theories circulating the community about the individual behind the raid. The most common theory is that a user nicknamed "dncMark", who was banned from the community less than 24 hours prior and told he would not be able to return, carried out the raid in an act of revenge.

References

edit