15 hours ago
9
The X account of Animoca Brands co-founder Yat Siu was hacked to promote a bogus token in what appears to be the latest in a string of similar hacks in the past month.
Blockchain gaming conglomerate Animoca Brands confirmed its co-founder and chair, Yat Siu, was hacked on X to promote a fake token, in what appears to be the latest in a string of attacks on crypto X accounts.
“Unfortunately [Siu’s] social media account has been compromised,” Animoca posted to X on Dec. 26. “The token launch on Solana as claimed in a post was made by the hacker.”
In the now-deleted post, Siu’s account shared a link to a token launched on Solana memecoin launcher Pump.fun called Animoca Brands (MOCA) — named the same as the firm and its affiliated Mocaverse non-fungible token (NFT) collection.
Blockchain investigator ZachXBT wrote on X that Siu “likely fell” victim to a phishing email from a threat actor behind a string of similar hacks and fake token posts that have net $500,000 in the past month.
ZachXBT said the fake MOCA token “was deployed by the same address” as similarly faked tokens shared on other recently hacked crypto-focused X accounts.
Source: ZachXBT
The faked MOCA token hit a peak value of just over $36,700 shortly after being shared on Siu’s account but essentially lost all its value seconds later, falling to a market cap of around $7,700, according to Birdeye.
The token’s value is now sitting at around $6,200 and what little trading volume there was has evaporated.
The fake MOCA token’s value plummeted from its peak value within a minute, just moments after a post of Siu’s X account. Source: Birdeye
Related: Alleged SEC hacker allowed to travel for the holidays
ZachXBT had earlier explained that an attacker had taken control of at least 15 X accounts through social engineering — impersonating the X team to send fake copyright infringement notices.
The notices created a sense of urgency and tricked hack victims into visiting a phishing site where they unknowingly reset their X account passwords and two-factor authentication (2FA) logins, information that was sent to the attacker.
The first known incident was on Nov. 26, involving the X account for Bitcoin infrastructure service provider RuneMine, and the latest — before the suspected attack on Siu — was against the account for crypto trading video streaming site Kick on Dec. 24.
X Hall of Flame: Elon Musk is worth 100K followers — Yat Siu
English (US) ·