The official X account of virtual reality platform Decentraland has been hacked, with attackers announcing a fake airdrop of MANA tokens.
On September 19, PeckShield alerted the public in a post on X that Decentraland’s official account had been compromised.
Details of the breach
The blockchain security company urged users to avoid interacting with the account, advising against clicking on attached links or interacting with its content. PeckShield also recommended that the crypto community wait for further updates from Decentraland’s social media channels to confirm that account security has been restored.
The attackers reportedly spread a phishing link disguised as an airdrop for the platform’s native MANA token to trick followers.
The link allegedly directed users to a website where they were asked to claim the airdrop by connecting their crypto wallets. However, once connected, users’ funds were compromised, leaving them vulnerable to financial loss.
The phishing scam, which started early on September 19 at 01:50am UTC, tricked those who fell for it into thinking they were getting a legitimate release.
The offending post was pinned to Decentraland’s X account, ensuring it was seen by as many people as possible. Also, in a diabolical attempt to make the scam look believable, the attackers disabled comments on the post, ironically claiming they had done so due to “malicious links”.
Solana Meme Coin Scam
This type of social media breach is part of a growing trend. Just a day earlier, on September 18, several high-profile X accounts were hacked, including those of brands and celebrities. Bad actors used the hijacked accounts to promote a scam involving a Solana meme coin called HACKED.
Among the profiles targeted were Lenovo India, film director Oliver Stone, Yahoo News UK and Brazilian soccer player Neymar Jr. The hackers posted tweets announcing the dubious coin, claiming: “HACKED $ INTRODUCED TO SOLANA” and promising to post the token address on each hacked account to “bomb it and profit together.”
Blockchain researcher ZachXBT reported that the trading volume of the meme coin was minimal, and that the hackers likely only made about $8,000 from the operation despite the broad scope of the attack.
Dexscreener data also revealed that HACKED generated only $279,000 in total trading volume and currently has a market cap of just $2,600, after a 35% price drop in the hour prior to this writing.
ZachXBT mentioned that the exploiters probably spent five to six figures on the operation, resulting in a financial loss. “Strong contender for most incompetent hacker of the year,” remarked the analyst.
It also advised users to check their X account settings regularly and revoke permissions for any connected apps they no longer use, as these apps can provide entry points for hackers.
SPECIAL OFFER (Sponsored) Binance Free $600 (Exclusive to CryptoPotato): Use this link to register a new account and receive an exclusive welcome offer of $600 to Binance (full details).
2024 LIMITED OFFER on BYDFi Exchange – Up to $2888 Welcome Reward, Use this link to register and open a 100 USDT-M position for free!