A threat actor has stolen about $500,000 over the last month from launching memecoin phishing scams on 15 compromised X accounts, according to blockchain investigator ZachXBT.
The perpetrator impersonated the X team and sent fake copyright infringement notices to create a sense of urgency and trick the social media platform’s users into visiting phishing sites, ZachXBT said in a Dec. 24 X post.
The victims then unknowingly used the fake site to reset their X account passwords and two-factor authentication (2FA) logins.
With that information, the perpetrator took control of the accounts and posted memecoin scams from them, netting about $500,000.
ZachXBT noted that the compromised X accounts were mostly crypto-focused and included Kick, Cursor, The Arena, Brett and Alex Blania.
All account takeovers were connected through six deployer addresses used for each memecoin scam. The attacker attempted to obfuscate the funding source by bridging the stolen funds between the Solana and Ethereum networks, ZachXBT said.
The blockchain sleuth recommended X users limit email address reuse between services and implement 2FA on “important accounts wherever possible.”
The first known incident involved RuneMine’s X account on Nov. 26, with the latest being Kick on Dec. 24.
Many of these X accounts have large audiences, with well over 200,000 followers who are mainly memecoin enthusiasts looking to catch the next hot tip.
Related: White hat ‘SEAL’ team protecting from crypto hacks surpasses 900 investigations
Many of the memecoin phishing scams were captioned “Incoming Transmission,” followed by a token announcement and contract address.
brett hacked? $BRETT @BasedBrett pic.twitter.com/ORaRyfSPmU
— KrakenGFX (@_KrakenGFX) December 2, 2024
Some compromised X accounts, such as the crosschain scalability platform Neutron, have acknowledged the incident.
Crypto scammers could be looking to make up for lost ground this holiday season after phishing losses fell 53% month-on-month in November to $9.3 million.
Around $2.2 billion has been stolen by crypto thieves in 2024 from 303 major incidents, blockchain forensics firm Chainalysis reported earlier this month.
The firm said it marked a 21% year-on-year increase, with centralized services among the hardest hit.
Magazine: Comeback 2025: Is Ethereum poised to catch up with Bitcoin and Solana?