The Twitter account of Indian crypto exchange CoinDCX remained compromised for hours on Tuesday.
Hackers posted a fake XRP giveaway scheme through the exploited Twitter handle @CoinDCX to the exchange’s over 230,000 followers. The giveaway message was interspersed with a phishing link.
CoinDCX Twitter Account Exploited
As CoinDCX tried to take control of its compromised Twitter account, it put out an alert through another Twitter handle, @CoinDCX _Cares.
It was also retweeted by CoinDCX officials, including CEO Sumit Gupta. The message cautioned the followers of the exploited status of its Twitter account and warned them not to click on any link or notice that they may receive from the Twitter handle @CoinDCX today.
To make it look natural, the exploiters were retweeting official posts of Ripple Labs CEO Brad Garlinghouse and replied to tweets with scam/phishing links. Users who click on the links in these posts may lose their funds to the scam.
As the problem persisted for more than five hours after being acknowledged by CoinDCX, the loss to the users may be substantial.
Detected by PeckShield
The problem was first detected and reported by blockchain security company PeckShield on intel provided by a Twitter user @aayushrai11. In a tweet alert, PeckShield said, “Seems like Indian crypto exchange CoinDCX’s Twitter account @CoinDCX was compromised & has been used by the exploiter to share links to fraudulent $XRP GIVEAWAY.”
It also contained a screenshot of the compromised account with the hackers’ message: Today, we are pumping XRP. To support our community, we are announcing a 100,000,000 XRP GIVEAWAY. Please note: you can receive a bonus once. Please hurry!
Spurt in Cyber Attacks
In December last year, Indian Prime Minister Narendra Modi’s Twitter account was briefly compromised, and the hackers posted a similar bitcoin giveaway scam.
The hackers posted a message that said, “India has officially adopted bitcoin as legal tender. The government has officially bought 500 BTC and is distributing them to all the residents of the country.” The message was followed by a phishing link.
Modi’s Twitter account was hacked in September 2020 as well, and the exploiters at that time asked for donations in bitcoin and other digital coins.
Another hacking event involving the social media accounts of the British Army took place in July 2022. The exploiters promoted BTC and NFT scams through the compromised account Twitter and YouTube accounts which were partially restored only after two hours.