A group of malicious actors has seized approximately $500K in the past month by conducting memecoin phishing scams across 15 compromised X accounts, according to blockchain investigator ZachXBT.
The perpetrators impersonated the X group and sent fake copyright violation notices to create urgency and trick users of this social network platform into accessing phishing pages, ZachXBT explained in a post on X on December 24.
Victims will then inadvertently use a fake page to reset their X account password and log in with two-factor authentication (2FA).
With this information, the perpetrators took control of 15 accounts and posted memecoin scams from these accounts — netting about $500K.
ZachXBT notes that compromised X accounts are primarily focused in the Cryptocurrency sector and include accounts like Kick, Cursor, The Arena, Brett, and Alex Blania.
Source: ZachXBT
All account takeovers are linked through six deployment addresses used for each memecoin scam. The attacker attempted to obscure the funding source by transferring the stolen funds between Solana and Ethereum networks, ZachXBT reported.
Blockchain investigators suggest that X users should limit the reuse of email addresses across services and implement 2FA for 'important accounts wherever possible.'
The first recorded incident involving the X account of RuneMine occurred on November 26, and the most recent was the Kick incident on December 24.
Many of these X accounts have attracted a large audience with over 200K followers, mostly memecoin enthusiasts looking for the next hot information.
Many memecoin scams have titles like 'Upcoming Announcement', along with token notifications and contract addresses.
Some compromised X accounts, such as the cross-chain expansion platform Neutron, have acknowledged the incident.
Cryptocurrency scammers may be attempting to recoup lost funds this holiday season after phishing losses decreased by 53% compared to the previous month, dropping to $9.3 million in November.
Approximately $2.2 billion has been stolen by Cryptocurrency thieves in 2024 from 303 significant incidents, blockchain analysis firm Chainalysis reported earlier this month.
The company stated this is a 21% increase compared to the same period last year, with concentrated services being the hardest hit.
