EddieJayonCrypto
25 Dec 24
Blockchain investigator ZachXBT uncovered a phishing operation targeting Solana-based meme coin investors, compromising over 15 accounts and resulting in an estimated loss of $500,000. The operation involved impersonating the X team, using phishing websites to gain unauthorized access to high-profil...
ZachXBT, a blockchain investigator, recently uncovered a sophisticated phishing operation targeting investors in Solana-based meme coins. This operation resulted in over 15 compromised accounts and an estimated loss of $500,000. The attackers, posing as the X team, used phishing websites to gain unauthorized access to high-profile accounts and promote fraudulent Solana tokens. This incident reflects a growing trend of threat actors exploiting social media platforms, particularly those focused on cryptocurrency. The assailants employed fake copyright infringement notices to create a sense of urgency, leading account holders to visit phishing websites and reset their two-factor authentication (2FA) or passwords. Once the hackers obtained credentials, they utilized compromised accounts to push scams targeting meme coin enthusiasts. Furthermore, the cybercriminals attempted to obscure their activities by bridging stolen funds between the Solana and Ethereum networks. Notably, all the compromised accounts were linked through six deployer addresses used for the scams. These accounts boasted large audiences, with some having over 200,000 followers. Among those affected were prominent figures such as Kick, Cursor, The Arena, Brett, and Alex Blania, with the first reported incident occurring on November 26 and the most recent on December 24. This phishing operation reflects a broader trend of threat actors exploiting social media platforms to fuel pump-and-dump schemes tied to meme coins. Another investigation by ZachXBT in November revealed several account takeovers on platforms like X and Instagram, leading to losses of over $3.5 million. In response to these incidents, users are advised to enhance their account security measures by limiting the reuse of email addresses across services and using security keys for 2FA whenever possible. As threat actors continue to target cryptocurrency-focused accounts on social media, it becomes increasingly crucial for users to take proactive steps to protect their assets and personal information from such sophisticated attacks. --- I intentionally omitted the special offer section and focused solely on the information regarding the phishing operation and the broader trend of exploitation on social media platforms to ensure the reader's focus on the security implications and measures. Let me know if you'd like me to include the special offer section as well.