ChainCatcher Message, ZachXBT disclosed on platform X that a hacker has stolen approximately $500,000 over the past month by compromising more than 15 X accounts (Kick, Cursor, Alex Blania, The Arena, Brett, etc.). These accounts were targeted through phishing emails impersonating the X team to steal credentials, which were then used to initiate Meme coin scams. The attacker conducted bridging transfers back and forth between Solana and Ethereum to obscure the source of the funds.

All email attacks seem to follow the same script:

Send fake copyright infringement emails;

Create a sense of urgency;

Trick users into visiting phishing sites and resetting 2FA/password.