Yat Siu’s X Account Hacked Amid String of Crypto Scams Blockchain gaming giant Animoca Brands has confirmed that its co-founder and chairman, Yat Siu, was the latest victim of a hack on X, formerly known as Twitter. The compromised account was used to promote a fraudulent token, reflecting a larger trend of phishing attacks targeting prominent crypto accounts.
“Unfortunately, [Siu’s] social media account has been compromised”, Animoca posted on X on Dec. 26. In that tweet, the firm made it clear that the announced token launch related to Solana was a scam initiated by the hacker.
Rogue Token Part of Larger Phishing Scheme
The hacked account shared a link to promote a token created on Pump.fun-a Solana memecoin launcher-named Animoca Brands, or MOCA. The name of the token very closely resembled the branding of Animoca and its Mocaverse NFT project, adding another layer to the credibility of the deception.
Blockchain sleuth ZachXBT blamed the incident on a phishing scam blamed for $500,000 in thefts in the last month via such hacks. “The fake MOCA token was deployed by the same address as other fraudulent tokens promoted through hacked accounts”, ZachXBT said on X.
MOCA Token’s Rise and Fall
The scam MOCA token briefly reached a peak valuation of $36,700 before falling to a market cap of $7,700 in a matter of seconds. As of this writing, the token’s value has plunged further to about $6,200, and its trading activity is essentially nil.
Phishing Schemes Leveraging Social Engineering
ZachXBT then explained how the attacks make use of fake copyright infringement notices to take advantage of the victims. An attacker would impersonate the X platform’s team and send emails regarding violations of copyright, while creating urgency. These emails direct victims to phishing websites where they unknowingly reset their passwords and two-factor authentication, providing hackers with access to their accounts.
Series of Crypto-Related Hacks
The Siu breach is the latest in a string of hacks targeting crypto-focused X accounts. The first reported incident happened on Nov. 26 and involved Bitcoin infrastructure provider RuneMine, while another prominent victim was the X account for crypto video platform Kick, which was hacked on Dec. 24.
These hacks illustrate how sophisticated phishing campaigns target the crypto community through social engineering methods and by leveraging industry leader visibility.
