Key takeaways
- A malicious actor stole $500,000 via meme coin scams promoted through compromised X accounts.
- ZachXBT suggests not reusing emails and using security keys for important accounts.
Share this article
A malicious actor made approximately $500,000 through a series of scams launched through more than 15 compromised X accounts, according to blockchain detective ZachXBT. The hacked accounts included Kick, Cursor, Alex Blania, The Arena and Brett, among others.
1/3 A malicious actor stole approximately $500,000 in the last month by compromising more than 15 X accounts (Kick, Cursor, Alex Blania, The Arena, Brett, etc.) by sending targeted phishing emails impersonating Team X’s identity to steal credentials and then run scams with coins. pic.twitter.com/HEWQdVICgJ
-ZachXBT (@zachxbt) December 24, 2024
The attacker gained access by sending targeted phishing emails disguised as Team X communications to steal user credentials, ZachXBT noted.
The scheme involved sending fake copyright infringement notifications to create urgency and trick users into visiting phishing sites where they would reset their two-factor authentication (2FA) and passwords.
All account takeovers were connected via a single deployment address used for each scam. The attacker attempted to hide the funding source by moving assets between the Solana and Ethereum networks.
ZachXBT advised users to avoid reusing email addresses across services and recommended using security keys for 2FA on important accounts.
Hacking social media accounts has become a widespread strategy for cybercriminals seeking to promote fake cryptocurrency projects or tokens. They often target well-known personalities and brands to lend credibility to their deceptive schemes.
Earlier this month, the official X account of The Cardano Foundation has been hackedleading to the spread of false information about a non-existent SEC lawsuit and the promotion of a fraudulent token linked to Solana.
The misinformation caused confusion within the Cardano community and negatively impacted the price of ADA, which fell 4% to $1.18.
In another matter, the rap star Drake’s official X account was hackedpromoting a fraudulent coin named “Anita”.
The adversary exploited its collaboration with gaming platform Stake to make false partnership claims, misleading its subscribers with false token details and project character. The misleading posts and the project’s X account were quickly deleted and suspended.
Share this article