CoinGecko’s X accounts compromised in phishing attack
Cryptocurrency data aggregator CoinGecko’s X (formerly Twitter) account and terminal were briefly compromised on Jan. 10.
As reported by CoinGecko, “We’re taking immediate steps to investigate the situation and secure our accounts.” The company warned that users should not “click on any links or engage with suspicious content.”
For a brief period on Jan. 10, a phishing scam link informing users of a CoinGecko token airdrop was posted to the firm’s X account. The post has since been deleted.
Our Twitter accounts @CoinGecko and @GeckoTerminal have been compromised. We're taking immediate steps to investigate the situation and secure our accounts.
— CoinGecko (@coingecko) January 10, 2024
Please DO NOT click on any links or engage with suspicious content. Your security is our top priority.
We'll keep you…
On Jan. 9, the United States Securities and Exchange Commission’s X account was compromised, with scammers posting a seemingly genuine message from Chair Gary Gensler that the SEC had approved multiple applications of Bitcoin spot exchange-traded funds (ETFs). The post has since been deleted. No spot Bitcoin ETFs have been approved by the SEC at the time of publication.
In a post-mortem update of the SEC hack, X said that the breach was not due to any attacks affecting its infrastructure but instead the lack of two-factor authentication (2FA) tied to the SEC’s account. The incident was due to “an unidentified individual obtaining control over a phone number associated with the @SECGov account through a third party,” X’s Safety team wrote.
We can confirm that the account @SECGov was compromised and we have completed a preliminary investigation. Based on our investigation, the compromise was not due to any breach of X’s systems, but rather due to an unidentified individual obtaining control over a phone number…
— Safety (@Safety) January 10, 2024
SIM-card swap attacks are an ongoing issue within the Web3 community and occur when imposters, posing as genuine owners of the account, contact telecommunications issuers to switch the victim’s phone service to a number they control, thereby gaining access to the victim’s social accounts bound to the phone number. In September 2023, Ethereum co-founder Vitalik Buterin’s X account was also breached in a phishing attack .
Related: What is two-factor authentication (2FA) and how to use it in crypto
Disclaimer: The content of this article solely reflects the author's opinion and does not represent the platform in any capacity. This article is not intended to serve as a reference for making investment decisions.
You may also like
Bitwise analyst cautions dollar strength could hinder bitcoin breakout, despite it nearing $100,000
Despite bitcoin rebounding above $98,000, a strengthening U.S. dollar could pose a headwind for further gains, an analyst said.Expectations of a more hawkish Bank of Japan move increases risk of a yen carry trade unwind, which puts further volatility for risk assets, they said.
Could there be a Dogecoin ETF in 2025? 'Today's satire is tomorrow's ETF' says expert
President-elect Donald Trump has championed himself as a pro-crypto leader, hoping to make America the “bitcoin capital of the world.”Dogecoin is the world’s sixth-largest cryptocurrency with a market cap near $60 billion.
Hydration launches decentralized lending platform on Polkadot
Shiba Inu Dev Responds to Shibarium’s Integration of Chainlink’s CCIP for Seamless Connectivity