Hackers Impersonate X Staff Using Compromised Scroll Founder Account
Scroll co-founder Ye Chen’s X account was hijacked in a complicated phishing operation the place attackers posed as platform staff to focus on crypto business figures.
The compromised account, which instructions substantial affect amongst crypto leaders, started distributing fraudulent messages claiming copyright violations and threatening account restrictions until customers clicked on malicious hyperlinks inside 48 hours.
The hackers remodeled Chen’s profile to imitate X’s official branding, updating the bio to reference Twitter and nCino whereas warning followers about safety breaches.
The attackers flooded the feed with reposts from X’s verified accounts to reinforce perceived legitimacy, then launched their phishing marketing campaign through direct messages.
Sophisticated Attack Mirrors Growing Pattern
The breach follows established ways the place hackers exploit trusted accounts to distribute malicious hyperlinks disguised as pressing platform notifications.
Recipients obtained messages showing to come back from X’s rights administration staff, full with faux compliance warnings and time-sensitive appeals processes designed to create panic and bypass safety consciousness.
Blockchain safety researcher Wu Blockchain first identified the compromise and alerted the neighborhood to disregard any communications from the account.
The warning emphasised specific concern given Chen’s intensive community of high-profile cryptocurrency executives, builders, and buyers who may belief messages from his verified account.
The assault represents the newest escalation in social media compromises concentrating on crypto business leaders, through which hackers more and more leverage delegated account entry and expired area registrations to bypass safety measures, together with two-factor authentication.
BNB Chain’s official account suffered a similar breach in October when hackers posted faux reward applications with phishing hyperlinks after Binance co-founder CZ warned followers in opposition to clicking suspicious content material.
The compromised account promoted fraudulent BSC token distributions, promising early payouts to customers who voted on reward dates by malicious URLs designed to empty digital wallets.
Binance co-CEO Yi He’s WeChat account was additionally hijacked in December to advertise meme coin schemes, with attackers conducting a coordinated pump-and-dump operation across the token MUBARA.
Two wallets created hours earlier than the breach accrued 21.16 million tokens earlier than dumping holdings as retail merchants flooded in, netting attackers roughly $55,000 whereas leaving later patrons uncovered to cost collapse.
Changpeng Zhao @cz_binance warned that new co-CEO Yi He’s @heyibinance deserted WeChat account was hacked and used to push a meme coin referred to as MUBARA.#Binance #Memecoins https://t.co/sdyH325OMD
— Cryptonews.com (@cryptonews) December 10, 2025
Among different notable accounts hacked had been ZKsync and Matter Labs, which had been compromised in May by what the staff described as “delegated accounts” with restricted posting privileges.
Hackers printed false claims about an SEC investigation alongside faux airdrop promotions, triggering a 5% drop within the ZK token value regardless of a previous 38.5% weekly rally.
The outstanding crypto media firm, Watcher.Guru additionally confirmed its account breach in March after faux Ripple-SWIFT partnership claims unfold throughout related Telegram, Facebook, and Discord channels by automated content material bots.
The staff suspects the compromise originated from a suspicious hyperlink containing uncommon question strings shared of their Telegram group weeks earlier.
Record Theft Year Exposes Escalating Threats
The crypto ecosystem witnessed over $3.4 billion stolen in 2025, in keeping with Chainalysis’s 2026 Crypto Crime Report, with North Korean state-backed hackers accounting for a document $2.02 billion throughout fewer however more and more subtle assaults.
The Democratic People’s Republic of Korea now represents 76% of all service compromises, bringing cumulative DPRK cryptocurrency theft to $6.75 billion since operations started.
Personal pockets compromises surged to 158,000 incidents affecting no less than 80,000 distinctive victims, triple the 54,000 instances recorded in 2022.
Address poisoning scams drove December’s single-largest loss, when one sufferer transferred $50 million to a fraudulent pockets mimicking their supposed vacation spot, whereas personal key leaks resulted in $27.3 million stolen from multi-signature wallets.
Personal Security Breaches Surge Across Platforms
Most just lately, Ubuntu developer Alan Pope warned that attackers are hijacking Snap Store writer accounts by registering expired domains linked to reliable builders, then pushing malicious updates to beforehand trusted packages.
The approach exploits automated replace methods and established belief alerts, with no less than 2 confirmed instances of wallet-stealing malware distributed by seemingly regular functions.
Hackers are exploiting trusted Snap Store packages to steal cryptocurrency by hijacking current writer accounts.#Hack #Cryptohttps://t.co/YV5Yoiwb0F
— Cryptonews.com (@cryptonews) January 21, 2026
Given these rising, multifaceted assault vectors, Better Business Bureau officers are warning consumers about phishing campaigns that lock X customers out of their accounts and are subsequently used for cryptocurrency promotions.
Kentucky journalist Jennie Rees described receiving direct messages from obvious colleagues requesting contest votes, solely to search out her account posting faux Audi buy claims tied to crypto earnings after clicking the malicious hyperlink.
The publish Hackers Impersonate X Staff Using Compromised Scroll Founder Account appeared first on Cryptonews.
