Yat Siu, the co-founder of Animoca Brands, had a security breach on his X (previously Twitter) account, during which a hacker hijacked his profile to promote a counterfeit token. Animoca Brands confirmed the incident on December 26.
This breach is part of a disturbing trend of similar assaults on X, specifically targeting cryptocurrency-related accounts. According to blockchain security specialist ZachXBT, the hacker who carried out the attack most likely used phishing to obtain access to Siu’s account. In fact, experts believe the same hacker has taken control of at least 15 accounts in the past month, generating approximately $500,000 through fraudulent token promotions and frauds.
Following the attack, the Solana-based memecoin platform Pump.fun released the bogus MOCA token, which temporarily surged in value to almost $36,000 before plummeting and losing the majority of its value in minutes. The token’s market capitalization fell from a high of $36,700 to roughly $6,200 as trading activity slowed.
This form of scam, which involves establishing trust through compromised accounts, is growing more widespread. Attackers frequently utilize social engineering techniques, such as impersonating platform support personnel, to trick users into disclosing their account information. Once hackers have gained control of an account, they might use false announcements to deceive followers.
Earlier attacks on accounts for Bitcoin infrastructure provider RuneMine and cryptocurrency streaming site Kick followed a similar approach. These hacks are a frightening reminder of the bitcoin community’s vulnerability, particularly on social media platforms such as X.
As the frequency of such attacks increases, experts advise cryptocurrency users to remain careful. Implementing tighter security measures, such as hardware-based two-factor authentication (2FA) and validating announcements via official channels, can help guard against phishing and other cyber threats.
