CoinInsight360.com logo CoinInsight360.com logo
A company that is changing the way the world mines bitcoin

WallStreet Forex Robot 3.0
Crypto Potato 2024-12-27 07:35:29

Animoca Brands’ Exec Explains How His X Account Was Hacked Despite 2FA

Blockchain gaming giant Animoca Brands revealed that co-founder and chair Yat Siu’s X account was hacked, promoting a fraudulent token on Solana’s Pump.fun platform. The attackers impersonated Animoca and falsely announced the launch of a token. Blockchain investigator ZachXBT attributed the hack to a phishing scam that has recently targeted over 15 crypto-focused X accounts, ultimately stealing almost $500,000. Fraudulent ‘MOCA’ Token Siu’s hacked account shared a link to a fake token called Animoca Brands (MOCA) on the Pump.fun platform, which bore the same name as both the company and its Mocaverse NFT collection. This fraudulent MOCA token was then traced back to the same address behind other fraudulent tokens, ZachXBT confirmed . After being promoted on Siu’s account, the token briefly reached a peak value of almost $37,000, only to crash moments later to a market cap of just $5,735, as per data compiled by Birdeye. Currently, there are only 33 holders of the token. ZachXBT had previously uncovered this sophisticated phishing scheme wherein phishing emails disguised as urgent messages from the X team often cited fabricated copyright issues and tricked victims into resetting their account credentials. The scheme leveraged the credibility of crypto-related accounts with large audiences. A majority of those had more than 200,000 followers. Affected accounts included Kick, Cursor, The Arena, Brett, and Alex Blania. The first attack was on November 26, involving RuneMine, and the most recent occurred on December 24, affecting Kick, just before Siu’s. 2FA “Not Enough” to Secure Accounts Siu explained that the hacker somehow obtained his password and used the account recovery page to bypass 2FA by submitting a request with a non-registered email address. He tested this process and noted a significant security gap: while the system triggered a login notification to the wrong email, the actual, registered email received no alerts regarding critical actions like a 2FA change request. He said that this lack of notification could have prevented the hack. Siu also added that the hacker submitted a government-issued ID to bypass further security checks, a tactic he suspects was facilitated by phishing. He urged X to implement stronger notifications, particularly for sensitive changes like 2FA modifications, and recommended better verification measures to protect accounts. Siu also warned that 2FA alone is not enough to secure an account and advised maintaining strong password hygiene, as attackers can bypass 2FA once they have access to the password. The post Animoca Brands’ Exec Explains How His X Account Was Hacked Despite 2FA appeared first on CryptoPotato .

Прочтите Отказ от ответственности : Весь контент, представленный на нашем сайте, гиперссылки, связанные приложения, форумы, блоги, учетные записи социальных сетей и другие платформы («Сайт») предназначен только для вашей общей информации, приобретенной у сторонних источников. Мы не предоставляем никаких гарантий в отношении нашего контента, включая, но не ограничиваясь, точность и обновление. Никакая часть содержания, которое мы предоставляем, представляет собой финансовый совет, юридическую консультацию или любую другую форму совета, предназначенную для вашей конкретной опоры для любых целей. Любое использование или доверие к нашему контенту осуществляется исключительно на свой страх и риск. Вы должны провести собственное исследование, просмотреть, проанализировать и проверить наш контент, прежде чем полагаться на них. Торговля - очень рискованная деятельность, которая может привести к серьезным потерям, поэтому проконсультируйтесь с вашим финансовым консультантом, прежде чем принимать какие-либо решения. Никакое содержание на нашем Сайте не предназначено для запроса или предложения