Weeks ago, the Twitter account of Indian crypto exchange CoinDCX was compromised for over 7 hours. The hackers took control of @CoinDCX and repeatedly posted a fake XRP giveaway with a phishing link embedded in the message. Pantera-backed CoinDCX, with a $2.2 billion valuation, is India’s highest-valued crypto exchange.
The compromise of the trading platform’s account was first flagged by blockchain security watchdog PeckShield after it was alerted by a Twitter user. It put out an alert: “Seems like Indian crypto exchange CoinDCX’s Twitter account @CoinDCX was compromised & has been used by the exploiter to share links to fraudulent $XRP GIVEAWAY.”
A screenshot of the hackers’ message was attached to PeckShield’s alert on Twitter. It read: “Today we are pumping XRP. To support our community, we are announcing a 100,000,000 XRP GIVEAWAY. Please note: you can receive a bonus once. Please hurry!” The message contained a phishing link.
CoinDCX has over 230,000 followers on its official Twitter account. The exploiters, who had removed the account’s official profile picture, retweeted several official tweets from Ripple Labs CEO Brad Garlinghouse to make the XRP giveaway offer look genuine. Later, they posted the phishing link in the account’s replies to the retweets.
After noticing that its Twitter account had been exploited, CoinDCX alerted its users through another official Twitter handle, @CoinDCX_Cares. It informed users about the exploitation and warned them against clicking on the link being sent by the hackers.
The company regained full control of its Twitter account after about seven hours and posted an update informing users that the hack had no impact on the organization or customer data.
There have been several incidents of hacking of social media accounts and posting of scam messages with phishing links.
Early last month, hackers took over PwC Venezuela’s Twitter account and shared a scam XRP giveaway. In a carefully coordinated breach, the hackers broke into the Twitter account in the early hours of Sunday and posted 14 scam tweets.
In July, the British Army’s Twitter and YouTube accounts were hacked, and BTC and NFT scams were peddled through the compromised accounts. It took several hours to fully restore these social media accounts to their bona fide user.
Indian Prime Minister Narendra Modi’s Twitter accounts were hacked in September 2020 and December 2021. In the first instance, the hackers asked for donations in cryptocurrencies. In the later exploitation, they announced that India had adopted BTC and had bought 500 BTC to distribute among the people. The message had a similar phishing link.