According to ZachXBT, a hacker has infiltrated 15 crypto-focused X accounts to distribute scam memecoins, earning about $500,000.
ZachXBT, a blockchain investigator, has reported that a hacker has fraudulently obtained approximately $500,000 by conducting memecoin phishing scams on 15 compromised X accounts within the past month.
ZachXBT elaborated in a December 24 X post that the perpetrator impersonated the X team and sent fabricated copyright infringement notices to induce a sense of urgency and deceive the social media platform’s users into visiting phishing sites.
The victims would subsequently unknowingly reset their X account passwords and two-factor authentication (2FA) logins by utilizing the fake site.
The perpetrator seized control of 15 accounts and posted memecoin scams from them, resulting in an estimated $500,000.
ZachXBT observed that the compromised X accounts were primarily crypto-focused and included Kick, Cursor, The Arena, Brett, and Alex Blania.
For each memecoin scam, six deployer addresses were employed to connect all account takeovers. ZachXBT stated that the attacker endeavored to obscure the funding source by connecting the stolen funds to the Ethereum and Solana networks.
The blockchain sleuth advised X users to restrict the reuse of email addresses across services and to implement two-factor authentication (FFA) on “critical accounts” whenever feasible.
The initial known incident occurred on November 26, involving RuneMine’s X account, and the most recent incident was Kick on December 24.
Many of these X accounts have garnered a substantial audience, with well over 200,000 X followers, primarily memecoin enthusiasts seeking the next hot tip.
The captions of numerous memecoin phishing scams were “Incoming Transmission,” followed by a token announcement and contract address.
Certain compromised X accounts, including Neutron’s cross-chain scalability platform, have acknowledged the incident.
Crypto scammers may seek to regain lost ground this holiday season, as phishing losses decreased by 53% month-over-month in November, reaching $9.3 million.
Chainalysis, a blockchain forensics firm, reported earlier this month that approximately $2.2 billion was stolen by crypto thieves in 2024 due to 303 significant incidents.
The company reported a 21% year-over-year increase, with centralized services most affected.