A sophisticated cybercriminal has stolen roughly $500,000 over the past month by hacking 15 high-profile X (formerly Twitter) accounts, according to blockchain investigator ZachXBT. Notable victims of the attack include Kick, Cursor, Alex Blania, The Arena, and Brett. The attacker leveraged phishing emails impersonating the X team to compromise credentials, bypass two-factor authentication (2FA), and launch fraudulent meme coin schemes.

ZachXBT’s analysis revealed a disturbing trend: each account was breached using phishing emails designed to mimic official copyright infringement notices. These emails created a sense of urgency, urging recipients to visit fraudulent websites where they were tricked into resetting their passwords or disabling 2FA.

After gaining control of the accounts, the attacker used them to promote bogus meme coin projects, luring unsuspecting investors into the scam. Blockchain analysis tied all 15 incidents together via a deployer address used for the fraudulent coins, pointing to a single orchestrator behind the attacks.

The stolen funds were traced across multiple transactions, with the attacker bridging assets between the Solana and Ethereum networks. This strategy was likely aimed at obscuring the origin and flow of funds, complicating efforts to track the money trail.

ZachXBT emphasized the importance of avoiding the reuse of email addresses across services, using security keys for 2FA on critical accounts, and remaining vigilant against unsolicited emails, particularly those that create urgency or request sensitive information. An example shared by ZachXBT illustrated the typical structure of the phishing email. These emails falsely claimed a copyright infringement issue, compelling users to act quickly, which ultimately led to account compromise.

This incident underscores the persistent risks faced by social media users, particularly those in the cryptocurrency space. High-profile accounts are lucrative targets, as they provide a platform for promoting scams to large audiences, resulting in significant financial and reputational losses.

‍