CertiK Ltd., a blockchain security auditing firm, experienced a security breach when hackers gained access to its official X (formerly Twitter) account and used it to distribute phishing links to its large following. The breach was confirmed by Revoke.cash, a smart contract tool that focuses on cross-chain security.

The compromised CertiK account posted tweets warning users about a fake vulnerability in the smart contract code for Uniswap V3, a well-known decentralized cryptocurrency exchange. The tweets directed users to a fraudulent website posing as Revoke.cash. Revoke confirmed that Uniswap itself was not compromised. This incident raises concerns about CertiK’s security defenses and practices.

Independent crypto journalist Colin Wu also confirmed the breach and revealed that the official CertiK Discord site was recently hacked and replaced with a fake Discord promoting phishing links. CertiK’s alerts account on X also warned users to avoid interacting with the compromised account.

The motive behind the hack is still unknown, but the coordinated effort suggests that the hackers aimed to exploit CertiK’s reputation to legitimize their phishing scams and steal users’ cryptocurrency funds.

CertiK managed to regain control of its account and remove the fake tweets. However, this high-profile breach highlights the vulnerability of the crypto industry to hackers, resulting in billions of dollars in stolen funds over the past year.

In response to the incident, CertiK issued a statement stating that their investigation indicates an ongoing large-scale attack that utilizes social engineering through the scheduling app Calendly.

Given this incident, it is important to follow simple security practices when dealing with crypto wallets and decentralized services. These practices include enabling multi-factor authentication, being cautious of suspicious links and attachments, using a reputable password manager, keeping software up-to-date, and leveraging cold storage for cryptocurrency holdings.



This News Article was automatically generated by Bob the Bot (AI)

Information Details
Geography Global
Countries
Sentiment neutral
Relevance Score 1
People Colin Wu
Companies Uniswap V3, Calendly, CertiK Ltd., Discord, Revoke.cash
Currencies Uniswap
Securities None

Leave a Reply