Submission rejected on 25 October 2024 by Sir MemeGod (talk). This topic is not sufficiently notable for inclusion in Wikipedia. Rejected by Sir MemeGod 7 days ago. Last edited by CommonsDelinker 11 minutes ago. |
United Kingdom Discord Raid 2024
editRaiders | Zoriby |
---|---|
Affected Discord Servers | 11 |
The United Kingdom Discord Raid occurred on the 25th of October, 2024. The raid targeted a number of Discord servers owned and operated under the Roblox community and group [UK] United Kingdom owned by scjamie. The raid removed all channels within a number of community discords and sent a large number of notifications to users within the servers.
Perpetrators
editThe raid was carried out through the account of a user with server administrator permissions nicknamed "Zoriby". The users account is thought to have been accessed through Session hijacking, a method in which a link is sent to a user under an alias but is a cover for malware to access the computer system and compromise account access.
Timeline
editTime (BST) | Description |
---|---|
6.11am | Junior Moderation Staff Member bigkiwiboi advises Group Manager DanielJDechart of suspicious activity within a number of community discord servers. |
6.15am | Raid begins with a discord integrated bot being invited into large community servers. |
6.22am | Community safeguarding and moderation server is attacked, unnoticeable archived information starts being deleted. |
6.23am | Group Manager DanielJDechart is notified and logs onto Discord, the raider is identified and is swiftly removed from community servers. At this point, damage is widespread with multiple servers having channels deleted and more than 7,000 notifications sent to users. |
6.35am | DanielJDechart questions server administrator Zoriby in a private channel, to which Zoriby claims a rogue system developer is to blame for the raid. Unknown to DanielJDechart, Zoriby's account is compromised. |
6.36am | DanielJDechart identifies Zoriby's account as being compromised following a number of severe profanities and links being sent from The account. Zoriby's account is removed from all community servers. |
6.50am | Community safeguarding and moderation server attack is now significant, multiple senior staff members are banned and all 3,000 remaining users are given administration permissions; these permissions allow users access to private information and the ability to ban users remotely. |
6.51am | The Community Administrators scjamie and FaisalWellesley are contacted by DanielJDechart and advised of the raid, the community raid prevention plan (CRPP) is initiated and control is regained almost instantly. |
6.56am | A number of users report significant issues accessing community servers and are being sent suspicious links and material from compromised accounts. |
6.57am | scjamie logs on to discord and regains control of the safeguarding and moderation server and the main communication server, the servers collectively contain more than 20,000 members. |
7.03am | The account Zoriby is confirmed to be removed from all core community servers. |
7.05am | Community Administrators and Group Managers confirm control is regained and the threat has been removed from majority of the servers. |
7.07am | The remotely accessible administration bot is disabled by DanielJDechart to prevent remote attacks and abuse by users who gained access. |
7.15am | Community Administrator FaisalWellesley and Group Manager Tom log on to discord and are briefed on the situation, they begin removing suspicious links and channels from the main communications server.
At the same time, scjamie addresses the community about the raid and reassures users the server has been secured. |
7.42am | A second and more detailed announcement is released by DanielJDechart to the community, addressing security concerns. Majority of the server members are based within the United Kingdom and are waking up to more than 7,000 notifications on their devices. |
8.30am | Restoration begins on the core community servers. |
Conspiracy Theories
editThere are a number of theories circulating the community about the individual behind the raid. The most common theory is that a user nicknamed "dncMark", who was banned from the community less than 24 hours prior and told he would not be able to return, carried out the raid in an act of revenge.