A hacker has been using a deceptive strategy to gain control of high-profile accounts on X, the social media platform, and is using them to push a fake memecoin.
ZachXBT, a blockchain investigator, uncovered the scheme after tracking a series of phishing attacks targeting key accounts.
The attacker initiated the attack by sending fraudulent emails that appeared to come from the X team, falsely notifying the users of policy violations.
These emails were crafted to generate urgency, pushing recipients to click on a malicious link that led them to a phishing site designed to steal login credentials. Through this method, the hacker managed to hijack 15+ accounts, including well-known names like Kick, Cursor, and Alex Blania, and stole roughly $500,000 in the process.
Once the accounts were compromised, the attacker locked the users out, altered security settings, and gained control of the posts. Using these accounts, they shared links promoting a scam token to unsuspecting followers. In an effort to cover their tracks, the hacker also moved funds across Solana and Ethereum blockchains, making it harder to trace the stolen money.
ZachXBT urges users to adopt stronger security practices, such as limiting email reuse between platforms and enabling 2FA with hardware security keys on important accounts to prevent future attacks.
Following a major security breach at decentralized exchange Cetus, the Sui blockchain has moved swiftly to recover user funds.
French police have arrested more than a dozen individuals, including minors, in connection with a string of crypto-related kidnapping cases that have shaken Paris in recent weeks.
A bizarre cyberattack involving the hacked Instagram account of hip-hop group Migos has surfaced, allegedly as part of an attempted extortion scheme aimed at Solana co-founder Raj Gokal.
An Italian man narrowly escaped a harrowing ordeal in New York after being kidnapped and tortured in an alleged scheme to extract access to his digital wealth.