The Algorand Foundation, based in Singapore, recently experienced a security breach, with CEO Staci Warden’s X account being compromised on January 26. The foundation’s official account cautioned against clicking links or responding to direct messages from Warden’s account, stating they were working on recovery.
Amidst this breach, the hacker posted inappropriate and racially charged content, urging followers to sell Algorand’s $ALGO and buy Ethereum’s $ETH. Furthermore, the attacker fabricated statements involving Justin Sun, CEO of Tron. These false claims suggested Sun’s intention to boost Algorand by introducing TUSD (TRUE USD) and VRUSD (VERY REAL USD) on its platform in exchange for control over the network and token minting rights.
However, as of press time, there were no reports of fund losses or other illegal activities connected to this incident.
This event is part of a worrying trend of cyberattacks targeting the cryptocurrency sector. On the same day, CryptoLaw reported the hacking of Crypto Eri’s X account, warning against engaging with her recent posts about a fake XRP airdrop. Although initially concerning, CryptoLaw later confirmed the recovery of her account.
Earlier in the month, the cryptocurrency market experienced turmoil following a misleading announcement on the U.S. Securities and Exchange Commission’s (SEC) X account. It falsely claimed the approval of Bitcoin spot ETFs, momentarily boosting Bitcoin’s value. However, SEC Chair Gary Gensler quickly refuted this, leading to a decline in Bitcoin’s price.
The SEC revealed that its X account was compromised due to “SIM swapping.” Notably, six months before the breach, multi-factor authentication (MFA) was deactivated and only reinstated post the January 9 incident.
Additionally, a sophisticated phishing campaign has defrauded victims of over $580,000. Major Web3 companies, including WalletConnect and Token Terminal, have been impersonated via emails. WalletConnect’s COO, Jess Houlgrave, confirmed the misuse of the company’s email address for phishing. Cybersecurity firm Hudson Rock linked these attacks to a CRYPTBOT Infostealer malware found on a MailerLite employee’s computer, suggesting a possible breach of MailerLite’s servers for data theft.
