A hacker has been employing a deceitful strategy to take control of prominent accounts on the social media platform X and is using them to promote a counterfeit memecoin.
ZachXBT, a blockchain investigator, uncovered this scheme while tracing a series of phishing attacks aimed at important accounts. The attacker initiated the attack by sending fraudulent emails that appeared to be from the X team, falsely informing users of policy violations.
These emails were carefully crafted to create a sense of urgency, compelling recipients to click on a malicious link that directed them to a phishing website designed to steal their login credentials. Through this method, the hacker successfully hijacked more than 15 accounts, including those of well-known figures like Kick, Cursor, and Alex Blania, and managed to steal approximately $500,000 in the process.
Once the accounts were compromised, the attacker locked out the users, modified security settings, and gained control over the posts. Using these accounts, they shared links promoting a fraudulent token to unsuspecting followers. In an attempt to cover their tracks, the hacker also transferred funds across the Solana and Ethereum blockchains, making it more difficult to trace the stolen money.
ZachXBT advises users to adopt stronger security practices, such as refraining from reusing emails across different platforms and enabling two-factor authentication with hardware security keys for important accounts, in order to prevent future attacks.