The X account of Yat Siu, the co-founder and executive chairman of Animoca Brands, has been under attack, with the hacker using it to promote fake Solana memecoin called MOCA, , which impersonates Animoca Brands and its associated Mocaverse NFT collection.

It’s likely part of a broader phishing campaign targeting multiple crypto-related X accounts.

Animoca Brands confirmed the hack and urged users to avoid interacting with any suspicious contracts or tokens related to the compromised account. The team said they would provide updates when the account is restored.

Hacks For Cash

It appears that Yat Siu has yet to regain control of his account. Although some posts promoting the fake token had been removed, the compromised account continued to retweet a series of posts about the MOCA token.

Update: Yat Siu (co-founder of Animoca) likely fell for the same phishing email a few hours ago as the scam token was deployed by the same address as the Kick & Vanar CEO ATOs

Deployer address
BL1hs3jw58d1S9xw7cKRUx9wXY94se9Ydt7bCgN1W3pL pic.twitter.com/bTA1QUjJ7b

— ZachXBT (@zachxbt) December 26, 2024

According to a report from Mocaverse, Yat Siu’s account was compromised even with standard security measures (2FA) in place.

“The evidence seems to suggest that this was a case of stolen identity as the account had standard security implementations (such as 2FA). Stronger security approaches are being considered and implemented,” the team stated.

As a precaution, all key members and official accounts have updated their login credentials, according to the report. No additional vulnerabilities or unauthorized activities were found on other accounts.

The fake token featured across the compromised account briefly surged to $36,700 in market cap before collapsing. Its value currently sits at around $5,991, per Birdeye.

Commenting on Animoca Brands’ confirmation, ZachXBT, a well-known on-chain analyst and crypto investigator, suggested that Yat Siu did not use a security key on his account, which might make it more vulnerable to exploit attempts.

Earlier this week, ZachXBT had warned about a phishing email that targeted X accounts associated with the cryptocurrency sector. According to the blockchain sleuth, a hacker has compromised over 15 X accounts in recent weeks, resulting in approximately $500,000 being stolen through various meme coin scams.

The threat actor in these attacks employed a consistent phishing strategy to trick users into revealing their credentials. He/she sent fake copyright infringement emails to create urgency among users.

Victims often felt the urge to go to phishing sites where they were prompted to reset their passwords and two-factor authentication settings, ultimately granting the attacker access to their accounts.

Some of the notable compromised accounts included those belonging to Kick, Cursor, Alex Blania, The Arena, and Brett. These accounts were mainly crypto-focused and had huge followings, making them attractive targets for the hacker.

Once access was gained, the hacker used the accounts to promote fake tokens and scams, mostly targeting Solana investors. The scams often featured announcements of new coins along with contract addresses.

Moving Tokens

ZachXBT also noted that the attacker engaged in bridging transfers between the Solana and Ethereum networks to conceal the origins of the stolen funds. This method was aimed at challenging authorities and blockchain analysts’ tracking attempts.

Recent reports indicate a troubling increase in attacks on crypto-related Twitter accounts. Hackers have increasingly targeted high-profile individuals and organizations within the cryptocurrency space.

On December 14, Drake’s X account was compromised, with attackers using it to promote a fraudulent meme coin called ANITA. The scam falsely claimed a partnership with Stake, a gambling platform that Drake has endorsed since 2022.

Following the deceptive promotion, the token’s trading volume soared to approximately $5 million before the scam was detected and all the fraudulent posts were deleted.

Earlier, on December 8, the Cardano Foundation’s X account also fell victim to cyber attack. During the breach, the hacker promoted a fake token called ADAsol and disseminated false information about an alleged SEC lawsuit against Cardano.

The Foundation quickly regained control of its account and reassured users that normal operations would resume while investigating the breach.

The post Animoca Brands Co-founder Yat Siu’s X Account Hacked to Promote Fake Solana Memecoin appeared first on Blockonomi.