EddieJayonCrypto

 26 Dec 24

tl;dr

A pseudonymous investigator has revealed a scheme using hacked accounts on social media platform X to promote a fake memecoin. The cybercriminal stole credentials of high-profile X accounts through phishing emails impersonating the X team. The attacker compromised 15 accounts and stole approximately $500K over a month. The bad actor bridged between Solana and Ethereum to obfuscate the funding source. The attacker sent fake copyright infringement emails prompting users to reset their password and 2FA, which led them to a phishing site. Once an account is compromised, the attacker controls posting access and uses it to share malicious links promoting a scam token.

Security measures recommended include limiting email address reuse between services and using security keys for 2FA on important accounts.

A pseudonymous on-chain investigator says he’s unraveling a malicious scheme that’s using hacked accounts on the social media platform X to promote a fake memecoin. ZachXBT says the cybercriminal stole the credentials of high-profile X accounts by sending phishing emails that impersonated the X team. The emails appear as a notice of policy and guideline violations from X to create a sense of urgency and get the recipients to click a malicious link.

“A threat actor has stolen ~$500K over the past month by compromising 15 X accounts (Kick, Cursor, Alex Blania, The Arena, Brett, etc). Each of the 15 ATOs were directly connected by mapping out the deployer address for each scam. The attacker bridged back and forth between Solana and Ethereum in an attempt to obfuscate the funding source.”

Image Source: ZachXBT/X

According to smart contract platform Neutron, the bad actor sent fake copyright infringement emails that told the targeted X users to reset their password and two-factor authentication (2FA) by visiting what turned out to be a phishing site. Once the X account is compromised, the attacker logs out all sessions, changes security settings and then controls posting access to share malicious links that promote a scam token.

On security measures, ZachXBT says, “Make sure to limit email address reuse between services as well as using security keys for 2FA on important accounts whenever possible.”
