5 months ago
42 ARTICLE AD
Phishing scammers took over the X account of L1 network VeChain following attacks on Rocket Pool, Coingecko, and Polychain Capital’s CEO within a few days.
VeChain’s X page presented a supposed giveaway for VET holders with a phony contribution address attached. Users were directed to send as much as $15,000 in VET coins to participate in the promo. In exchange, they would receive a maximum of $300,000 in VeChain’s native blockchain token.
The scammer leveraged the image of VeChain CEO Sunny Lu in a bid to add a layer of authenticity to the campaign.
Fake VET token airdrop | Source: X
VeChain representatives on an official Telegram channel flagged the suspicious activities and alerted users to the pitfall shortly after the page was hacked. The malicious posts had spent at least two hours on the project’s timeline.
crypto.news reached out to VeChain concerning the compromise and was yet to hear back at press time. However, the X page seemed secure, and the fake airdrops previously pinned and tweeted had been deleted. The price on VET traded less than 1% down amid the incident per CoinMarketCap.
VeChain Telegram announcement | Source: Telegram
The Layer-1 blockchain is the latest protocol to suffer a hack on its social media accounts during January. Yesterday, Rocket Pool’s X account was exploited by unknown scammers promoting a fake smart contract flaw. Hackers told users to migrate their assets, but Rocket Pool admins on Discord cautioned against clicking links.
The X accounts of Coingecko and Polychain Capital CEO Olaf Carlson-Wee suffered similar breaches, with hackers publishing harmful links intended to drain users’ wallets. It’s possible that these accounts were breached due to an attack vector linked to 2FA with mobile phone numbers.
Crypto hackers and phishing scammers have been tapping new strategies to trick digital asset holders out of their virtual currencies. Aside from directly hijacking high-profile accounts like Coingecko, hackers also mimic X pages through a user interface vulnerability.
The flaw reportedly allows bad actors to generate illegitimate URLs containing malicious content.
