X Account of Animoca Brands Chair Hacked
Animoca Brands has confirmed that its co-founder and chair, Yat Siu, was hacked on X (formerly known as Twitter), with the attackers using his account to promote a fraudulent token.
This incident is part of a growing trend of attacks on crypto-related X accounts.
Quite a few others got involved, it's truly unfortunate.
Hopefully, you can resolve it soon. Good luck @yatsiu
— Kenta (@niutonapple) December 26, 2024
The hackers falsely claimed that Animoca Brands was launching a new token and contract, underlining the importance of vigilance among users.
The company clarified that it had not released any crypto tokens or NFTs and that any claims of a Solana-based token launch were also fabricated.
A now-deleted post from Siu's account had shared a link to a token launched on the Solana meme coin platform Pump.fun, called Animoca Brands (MOCA), which closely mirrored the company's name and its Mocaverse NFT collection.
Likely Victim of Phishing Scam
An initial investigation by Kenta revealed that the hacker gained control of Yat Siu's official X account, using it to falsely announce the launch of a new Animoca Brands token.
The token was reportedly created on the Pump.fun platform.
It seems that the @ysiu account might have been hacked ⚠️⚠️⚠️
✍️Recently, he posted about @animocabrands launching the $ANIMOCA token on https://t.co/dvi59MdbIM, including a link to https://t.co/dvi59MdbIM for purchasing it.
The chart price skyrocketed until he deleted the… pic.twitter.com/2xHPLmRkVr
— Kenta (@niutonapple) December 26, 2024
Blockchain investigator ZachXBT suggested that Siu likely fell victim to a phishing email, part of a broader scheme that has seen similar attacks on crypto-focused X accounts, netting around $500,000 in the past month.
2/3 Each of the 15 ATOs were directly connected by mapping out the deployer address for each scam.
The attacker bridged back and forth between Solana and Ethereum in an attempt to obfuscate the funding source. pic.twitter.com/DMcuh0KjXK
— ZachXBT (@zachxbt) December 24, 2024
ZachXBT further confirmed that the fraudulent MOCA token was deployed from the same address used for other fake tokens linked to recent hacks.
Fake MOCA Token Peaked Then Tanked
The fraudulent MOCA token briefly surged to a value exceeding $36,700 after being promoted through Siu's hacked account, only to plummet almost immediately.
According to Birdeye, its market cap quickly dropped to around $7,700, and it now stands at approximately $5,896, based on data from Pump.fun.
https://pump.fun/coin/6QWJgBxNBFHVRN4PL41BGgz5C9juBxiyuPQwvSM1pump
Recent String of Hacks
ZachXBT revealed that the attacker gained control of at least 15 X accounts through social engineering tactics, impersonating the X team and sending fake copyright infringement notices.
These notices created a sense of urgency, tricking victims into visiting a phishing site where they inadvertently reset their X account passwords and two-factor authentication (2FA), which the attacker then exploited.
Update: Yat Siu (co-founder of Animoca) likely fell for the same phishing email a few hours ago as the scam token was deployed by the same address as the Kick & Vanar CEO ATOs
Deployer address
BL1hs3jw58d1S9xw7cKRUx9wXY94se9Ydt7bCgN1W3pL pic.twitter.com/bTA1QUjJ7b
— ZachXBT (@zachxbt) December 26, 2024
In response, Yat Siu confirmed the breach via a secondary account, explaining that the attacker bypassed 2FA and had already reported the issue to X's support team.
Siu also expressed intent to share insights into the security flaws that allowed the attack to occur.
.@ysiu is compromised for the time being, this is my OG account I do not use a lot but will temporarily post from here to share my experiences and the weakness of @x security and make suggestions how to improve it shortly. The account @ysiu also had 2FA protection! https://t.co/sIBgCelLGd
— Yat Siu (@yatsiu) December 26, 2024
