β¨ Try hovering over any cast and click to mint it
Earlier today, a vulnerability in Beeper's API was used to send 774 notifications impersonating 4 identities, including @farcaster We shut the app down immediately, removed all fake notifications from inboxes, and have now restored service after patching and verification. No Farcaster accounts, signer keys, wallets, or user funds were compromised. Full breakdown below.
Farcaster used to have a degen or two but now, not a peep about Asteroid, Flork, Wojak, even Sol ones like Unc I'm all for moving away from trading, and Dan was not the best messenger for "we will be a wallet first" or whatever his vision was there BUT it feels like the pendulum has swung so far the other way that there's a collective blindness. It's one thing to constantly shill fucking nonsense to a user base with notif motifs that done work great in production, and another for an entire 37 person community to just miss and not even be aware of the existence of rocketship multi milli runners on eth. Anyway love yall and can't wait til we can do some hivemind learning and improvement loops together
we've temporarily paused beeper app while we investigate. no farcaster accounts or signer keys were compromised β beeper does not handle signer keys. ignore any beeper notification you may have received. updates to follow.
π¨ IMPORTANT: We did not send out any notifications via Beeper about a token. Do not interact with any links involving a FC Token / Farcaster Token.
follow-up: @beeper appears to have been hacked. the notification sent via the beeper mini app is fake and did not come from the @farcaster account. we've blocked the token on clanker so it's no longer accessible. do not interact with anything related to the beeper notification or the beeper mini app.
Check your $hyper airdrop on @hypercat and complete your pre-claim https://hypercatcoin.vercel.app/api/snap/hyper
Recent farcaster vibes are very reminiscent of Google Plus in its dying days (yeah I was there). Hope it makes it through this.
escalated to neynar and beeper teams. haven't heard back yet, so going to lend my thoughts: it is _extremely_ unlikely this is legitimate, given the fact this went through a miniapp, it's later in the evening when neynar team is usually offline. be _extremely_ careful β other miniapps/signers were compromised to try this kind of scam before.