Scroll co-founder Ye Chen’s X account was hijacked in a complicated phishing operation the place attackers posed as platform workers to focus on crypto business figures.

The compromised account, which instructions substantial affect amongst crypto leaders, started distributing fraudulent messages claiming copyright violations and threatening account restrictions except customers clicked on malicious hyperlinks inside 48 hours.

The hackers reworked Chen’s profile to imitate X’s official branding, updating the bio to reference Twitter and nCino whereas warning followers about safety breaches.

The attackers flooded the feed with reposts from X’s verified accounts to boost perceived legitimacy, then launched their phishing marketing campaign through direct messages.

Subtle Assault Mirrors Rising Sample

The breach follows established ways the place hackers exploit trusted accounts to distribute malicious hyperlinks disguised as pressing platform notifications.

Recipients obtained messages showing to return from X’s rights administration group, full with faux compliance warnings and time-sensitive appeals processes designed to create panic and bypass safety consciousness.

Blockchain safety researcher Wu Blockchain first recognized the compromise and alerted the group to disregard any communications from the account.

The warning emphasised explicit concern given Chen’s in depth community of high-profile cryptocurrency executives, builders, and buyers who would possibly belief messages from his verified account.

The assault represents the newest escalation in social media compromises concentrating on crypto business leaders, during which hackers more and more leverage delegated account entry and expired area registrations to bypass safety measures, together with two-factor authentication.

Business Faces Relentless Social Engineering Wave

BNB Chain’s official account suffered an analogous breach in October when hackers posted faux reward packages with phishing hyperlinks after Binance co-founder CZ warned followers towards clicking suspicious content material.

The compromised account promoted fraudulent BSC token distributions, promising early payouts to customers who voted on reward dates via malicious URLs designed to empty digital wallets.

Binance co-CEO Yi He’s WeChat account was additionally hijacked in December to advertise meme coin schemes, with attackers conducting a coordinated pump-and-dump operation across the token MUBARA.

Two wallets created hours earlier than the breach gathered 21.16 million tokens earlier than dumping holdings as retail merchants flooded in, netting attackers roughly $55,000 whereas leaving later patrons uncovered to cost collapse.

Amongst different notable accounts hacked have been ZKsync and Matter Labs, which have been compromised in Might via what the group described as “delegated accounts” with restricted posting privileges.

Hackers revealed false claims about an SEC investigation alongside faux airdrop promotions, triggering a 5% drop within the ZK token worth regardless of a previous 38.5% weekly rally.

The distinguished crypto media firm, Watcher.Guru additionally confirmed its account breach in March after faux Ripple-SWIFT partnership claims unfold throughout related Telegram, Fb, and Discord channels via automated content material bots.

The group suspects the compromise originated from a suspicious hyperlink containing uncommon question strings shared of their Telegram group weeks earlier.

Document Theft Yr Exposes Escalating Threats

The crypto ecosystem witnessed over $3.4 billion stolen in 2025, based on Chainalysis’s 2026 Crypto Crime Report, with North Korean state-backed hackers accounting for a file $2.02 billion throughout fewer however more and more subtle assaults.

The Democratic Individuals’s Republic of Korea now represents 76% of all service compromises, bringing cumulative DPRK cryptocurrency theft to $6.75 billion since operations started.

Private pockets compromises surged to 158,000 incidents affecting a minimum of 80,000 distinctive victims, triple the 54,000 instances recorded in 2022.

Handle poisoning scams drove December’s single-largest loss, when one sufferer transferred $50 million to a fraudulent pockets mimicking their supposed vacation spot, whereas non-public key leaks resulted in $27.3 million stolen from multi-signature wallets.

Private Safety Breaches Surge Throughout Platforms

Most not too long ago, Ubuntu developer Alan Pope warned that attackers are hijacking Snap Retailer writer accounts by registering expired domains linked to respectable builders, then pushing malicious updates to beforehand trusted packages.

The approach exploits automated replace techniques and established belief alerts, with a minimum of 2 confirmed instances of wallet-stealing malware distributed via seemingly regular functions.

Given these rising, multifaceted assault vectors, Higher Enterprise Bureau officers are warning customers about phishing campaigns that lock X customers out of their accounts and are subsequently used for cryptocurrency promotions.

Kentucky journalist Jennie Rees described receiving direct messages from obvious colleagues requesting contest votes, solely to search out her account posting faux Audi buy claims tied to crypto earnings after clicking the malicious hyperlink.

The submit Hackers Impersonate X Workers Utilizing Compromised Scroll Founder Account appeared first on Cryptonews.