The official Twitter account of India-based crypto exchange CoinDCX, which has around 230,000 followers, has been hacked.
In an attempt to defraud the exchange’s followers, the exploiters posted fake XRP giveaway promos along with phishing links. Since the exploit has been rectified to some extent, there is no telling how many victims the hack has exploited.
PeckShieldAlert, a blockchain analytics firm, revealed on Tuesday about a phishing attack on the exchange’s Twitter account. “Phishing Seems like Indian crypto exchange CoinDCX’s Twitter account was compromised & has been used by the exploiter to share links to fraudulent XRP GIVEAWAY,” Peck Shield mentioned in a tweet.
The hackers have been retweeting Ripple Labs CEO Brad Garlinghouse’s official posts to make their scam look authentic. While doing so, the scammers respond to some tweets with scam links.
That’s not all, the attackers changed the account name, display picture, and other details to match Ripple CEO Brad Garlinghouse’s Twitter account.
CoinDCX’s official customer support handle flagged the exploit and advised users not to click any links or messages sent from the compromised account. According to the exchange, they are working to recover the account and will provide updates to their followers soon.
With the SEC vs Ripple lawsuit nearing its conclusion, taking advantage of the current situation, the hackers announced a 100 million XRP giveaway to support their “community”.
Important Announcement 🚨 🚨 pic.twitter.com/YdD0VH6YkJ
— CoinDCX Cares (@CoinDCX_Cares) September 20, 2022
All changes to the account have been revoked as of now, and the CoinDCX team has deleted the scam tweets.
Scammers hacked PwC Venezuela’s Twitter account just two weeks ago to promote a $XRP giveaway. The tweet appeared to promote “a big event” and was filled with phishing links to a fraudulent Ripple event using Garlinghouse’s images as their thumbnails.
The same day, an Elon Musk giveaway scam plagued an official YouTube account owned by the South Korean government. The account was hacked and renamed SpaceX Invest after it posted fake videos of Musk discussing crypto.
