CoinGecko Account Compromised by Phishing Scam
CoinGecko, a cryptocurrency data aggregator, experienced a security breach when their account was targeted in a phishing attack. On January 10, a fraudulent link was posted on their X account, falsely promoting a CoinGecko token airdrop. The hackers created a new cryptocurrency called GCKO and included a suspicious link in the post. CoinGecko swiftly removed the post and warned users not to interact with potentially harmful content.
Immediate Response and Account Security
After discovering the breach, CoinGecko posted a warning on X stating that their Twitter accounts had been compromised. They took immediate action to investigate and secure their accounts, urging users to avoid clicking on any links or engaging with suspicious content.
Unauthorized Access through Phishing Link
CoinGecko attributed the breach to a team member accidentally clicking on a fraudulent Calendly link. The click granted the hacker unauthorized access, which was then used to post on behalf of CoinGecko. Although two-factor authentication (2FA) was enabled and robust security measures were in place, the inadvertent click allowed the breach to occur.
Apologetic Statement and Commitment to Security
CoinGecko expressed their apologies for any confusion caused by the incident and emphasized their dedication to platform security and internal control improvement. Steps were taken promptly to rectify the situation and ensure user safety.
SEC Twitter Account Hacked in Bitcoin ETF Scam
In a similar incident, the U.S. Securities and Exchange Commission’s (SEC) Twitter account was compromised. Scammers posted a fake message about Bitcoin spot exchange-traded fund (ETF) approvals from SEC Chair Gary Gensler. The absence of 2FA on the SEC’s account allowed the breach to occur.
Spot Bitcoin ETF Approvals and Website Confirmation
The SEC has indeed approved spot Bitcoin ETF applications from various companies, despite initial uncertainty caused by the hacking incident. The legitimacy of the approvals was confirmed when the SEC website came back online after a brief downtime.
Persistent Concerns about SIM-Card Swap Attacks
Web3 communities remain concerned about SIM-card swap attacks, in which attackers gain control of social accounts associated with targeted phone numbers. This type of unauthorized access can lead to account compromise and potential financial losses.
Hot Take: CoinGecko Takes Swift Action against Phishing Scam
CoinGecko faced a brief compromise when their account fell victim to a phishing scam. However, they acted swiftly to remove the fraudulent post and secure their accounts. The incident serves as a reminder for users to be cautious of suspicious links and engage in safe online practices. CoinGecko’s commitment to platform security and prompt response demonstrates their dedication to user safety in the crypto community.