In the latest wave of X account hacks, Animoca Brands co-founder Yat Siu’s X account was hacked to falsely promote a non-existent token. The incident was reported after crypto detective ZachXBT had already warned users about phishing emails deployed by scammers.
Yat Siu’s X Hack: Fake Crypto Promoted
‼️🚨 Unfortunately @ysiu social media account has been compromised. There is no official token or NFT launch from Animoca Brands. The token launch on Solana as claimed in a post was made by the hacker. Please DO NOT engage with the account and stay vigilant.
We will provide an…
— Animoca Brands (@animocabrands) December 26, 2024
In a statement on X, the Web3 gaming giant wrote: “Unfortunately, @ysiu’s social media account has been compromised. There is no official token or NFT launch from Animoca Brands.” The company further cautioned crypto traders that the alleged token launch on Solana, as claimed in a post by the hacker, was fraudulent.
Crypto investigator ZachXBT had earlier highlighted the increasing number of phishing scams. He warned that a threat actor had stolen over $500K in the past month by compromising more than 15 X accounts, including Kick, Cursor, Alex Blania, The Arena, and Brett. The attacker used targeted phishing emails impersonating the X team to steal credentials and then launch memecoin scams.
ZachXBT wrote, “Each of the 15 ATOs [account takeovers] were directly connected by mapping out the deployer address for each scam. The attacker bridged back and forth between Solana and Ethereum in an attempt to obfuscate the funding source.”
He explained that phishing emails targeting X users typically follow a predictable pattern: they send a fake copyright infringement notice, create a sense of urgency, and trick recipients into visiting a phishing site to reset their two-factor authentication (2FA) or password. ZachXBT recommended using unique email addresses for different services and enabling security keys for 2FA on critical accounts to guard against such scams.
ZachXBT suggested that Siu may have fallen victim to the same phishing scheme just hours before the fraudulent token was deployed. He noted that the scam token originated from the same deployer address, “BL1hs3jw58d1S9xw7cKRUx9wXY94se9Ydt7bCgN1W3pL”, as previous scams involving the Kick and Vanar CEOs.
Also Read: ZachXBT Challenges Circle on USDC’s Role in Crypto Exploits
Credit: Source link
