On December 26, 2024, Yat Siu, the co-founder and chair of Animoca Brands, became the latest victim of a high-profile hack on X. The breach involved the compromise of Siu’s X account, which was used to promote a fraudulent token, “Animoca Brands (MOCA),” launched on the Solana-based memecoin platform, Pump.fun. The hacker shared a link to the fake token, which mirrored Animoca’s brand and its affiliated Mocaverse non-fungible token (NFT) collection. While the fake MOCA token briefly soared in value, peaking at $36,700, its market value rapidly crashed within minutes, falling to around $7,700.
Blockchain investigator ZachXBT uncovered that the attack was part of a wider pattern, with a string of similar hacks occurring over the past month. According to ZachXBT, the attacker likely used a phishing scheme to gain access to Siu’s account, a method that has been used to compromise at least 15 crypto-related X accounts. The attacker impersonated the X team, sending fake copyright infringement notices to lure victims into resetting their account credentials, including passwords and two-factor authentication (2FA) details, which were then sent to the attacker.
The fake MOCA token is not the first instance of this type of cyberattack. The same hacker has been linked to previous attacks on high-profile crypto figures, where social engineering tactics were employed to infiltrate X accounts. These attacks have raised concerns over the vulnerability of social media accounts within the cryptocurrency industry, which is often targeted by threat actors due to the high profile of its key players. These breaches not only compromise individual accounts but also put followers and investors at risk, potentially leading to significant financial losses.
Despite the financial damage caused by these attacks, the hacker’s actions have triggered heightened awareness within the cryptocurrency community regarding the importance of securing social media accounts. With the number of attacks increasing, many are urging crypto influencers and companies to strengthen their cybersecurity measures, including more robust two-factor authentication processes and cautious vetting of suspicious communications. As the crypto world continues to grow, ensuring the safety of social media accounts will remain a critical priority for protecting users and preventing similar breaches in the future.
