The X (formerly Twitter) account of blockchain security company CertiK has been compromised, with bad actors using it to post a phishing link to a wallet drainer.
On Jan 5, it was revealed that CertiK’s X account had fallen victim to a phishing attack, and several members of the wider community urged users not to engage with the links posted during the incident.
The official Twitter account of security auditing company CertiK has been compromised and phishing links are being posted to defraud users of their wallet funds. Not long ago, the Discord on CertiK’s official website was also replaced and turned into a fake Discord with phishing… pic.twitter.com/tZYZthxvvc
— Wu Blockchain (@WuBlockchain) January 5, 2024
Blockchain security firm Wallet Guard flagged the incident, noting that the hackers were posting fake, masked Revoke Cash links that led to a wallet drainer. Other users added that engaging with the links could lead to asset losses.
After accessing the X account, the hackers posted a warning that the Uniswap router contract was vulnerable to a re-entrancy exploit and asked users to use Revoke Cash to “revoke” previous approvals.
“WARNING: Our team has found the Uniswaps router contract to be vulnerable to a re-entrancy exploit, allowing attackers to move anyone’s tokens if approved to the Uniswap’s contact. Use @Revoke Cash in order to revoke any vulnerable approvals.”
Users across social media have criticized the incident, pointing out that it was a blockchain security firm’s account that was compromised and used to share a phishing link.
However, there have been massive phishing link scams in recent times, even involving the account of Ethereum’s co-founder in October 2023. Last year, Vitalik Buterin’s X account was compromised with bad actors using the account to share fake