Frax Finance’s X account hacked: CEO suspects insider involvement

5 months ago 41
Hackers exploit token mimicking ENA after Ethena Labs announced a 750M ENA airdrop

A hacker allegedly gained control of the crypto lending platform Frax Finance’s X social media account on June 1 without accessing or tampering with existing passwords.

This breach has raised concerns about the security protocols at X, formerly known as Twitter, and the potential involvement of insiders.

Desperate attempts to regain control

Frax Finance CEO Sam Kazemian quickly took to X to seek assistance in contacting customer service to regain control of the compromised account.

If anyone has a direct line to X account/customer service please DM me, @fraxfinance X account is compromised and appears to be inside job or social engineering within X since no password reset or other issues within Frax itself. Please stay safe and don't click any X links!

— Sam Kazemian (¤, ¤) (@samkazemian) May 31, 2024

Users reported that it typically takes X roughly 72 hours to address complaints related to compromised accounts.

The process involves raising a support request with a linked email address and providing additional information as directed by X’s support team.

Unusual breach method raises suspicions

Kazemian noted that while X recommends changing passwords during such incidents, the passwords associated with the Frax Finance account were not tampered with.

He suspected that the breach was not due to a security flaw within Frax Finance but rather an inside job or social engineering within X.

Kazemian stated,

Frax Finance X account is compromised and appears to be inside job or social engineering within X since no password reset or other issues within Frax itself.

More than 48 hours after the hack, neither Frax Finance nor X representatives have provided updates regarding the account’s recovery.

Kazemian continues to advise users to avoid all website links shared from the compromised X account.

Growing concerns over insider threats

This incident adds to a growing list of crypto projects attributing breaches to insider actions at X.

In a similar event in late May, a crypto trader known as GCR reported that his X account had been compromised through bribery, leading to an ORDI pump-and-dump scheme.

Blockchain sleuth ZachXBT later suggested that developers behind the Solana-based memecoin CAT might be involved in that hack.

Kazemian indicated that his team is “reasonably sure” about the identity of the criminal responsible for the hack, blaming a “serial scammer” known to ZachXBT.

The ongoing investigation highlights the need for enhanced security measures and accountability within social media platforms, especially those frequently used by the crypto community.

The post Frax Finance’s X account hacked: CEO suspects insider involvement appeared first on Invezz

Read Entire Article