Phishing emails impersonating X's team trick users, stealing $500K through hacked accounts promoting fake tokens.
Scammer used fake copyright notices to gain access to crypto accounts, defrauding followers with memecoin scams.
To stay safe, use 2FA and avoid reusing email addresses across services, warns blockchain investigator ZachXBT.
A scammer has stolen approximately $500,000 by hacking over 15 accounts on 𝕏 (formerly Twitter). The hacker used phishing emails to impersonate the platform’s team and trick users. They created fake copyright infringement notices to make victims act quickly and visit phishing sites. Once users fell for the scam, they unknowingly reset their passwords and two-factor authentication (2FA) settings. As a result, the hacker gained control of the accounts and promoted their own meme tokens. Blockchain investigator ZachXBT reported this breach on December 24.
https://twitter.com/zachxbt/status/1871543397875671099 Phishing Emails and Account Takeovers
The scammer’s primary method involved sending phishing emails. These emails falsely claimed urgent copyright issues, urging users to reset their credentials. Once victims followed the link, they were led to a fake site that captured their login details. The attacker used these details to seize control of accounts. Victims’ 𝕏 accounts, mostly crypto-focused, included major names like Kick, Cursor, and The Arena. The hacker then promoted meme coins from these accounts, defrauding followers.
Moreover, the scam used sophisticated techniques to cover the hacker’s tracks. The attacker transferred stolen funds between the Solana and Ethereum networks, aiming to confuse investigators. Blockchain analyst ZachXBT traced six deployer addresses that linked all the scams. Consequently, the attacker managed to obscure the original source of the stolen funds.
The Impact on Crypto Enthusiasts
Many of the compromised accounts had large followings, with over 200,000 followers. These accounts were particularly attractive to memecoin enthusiasts looking for the next big tip. As a result, the scam led to financial losses, estimated at $500,000 over a month. Additionally, the hacker used these accounts to promote fraudulent tokens like the “Fake MOCA” token, which briefly saw a market cap of $36,700 before crashing.
One notable breach involved the X account of Animoca Brands’ co-founder Yat Siu. The attacker used Siu’s account to promote a fraudulent token. However, Animoca swiftly responded, warning users that the company had no involvement in the token launch.
https://twitter.com/animocabrands/status/1872094029451772161
They urged users to avoid any engagement with the compromised account. To avoid falling victim to similar scams, ZachXBT advises 𝕏 users to limit email address reuse between services. He also recommends enabling 2FA on important accounts to add an extra layer of protection.
The post Scammer Steals $500K Through X Account Takeovers and Phishing Scams appeared first on Crypto News Land.