
Two popular crypto companies, Tron DAO and Curve Finance, experienced X account takeovers recently. The scams resulted in fraud and financial losses. Tron confirmed scammers stole around $45,000 using its compromised social media handle.
On May 2, hackers hijacked the official Tron DAO X account, publishing a false contract address and asking for payments via direct messages. The company’s security team quickly took back control. However, scammers continued to reach out to users, offering sponsored posts in exchange for payment.
Tron said the breach probably occurred through a social engineering attack on an employee.
The company confirmed the details of the attack in a May 3 post on X after successfully recovering its account.
Tron founder Justin Sun blamed crypto exchange OKX for ignoring a law enforcement request to freeze the stolen funds. OKX CEO Star Xu disputed this, which led Sun to remove his initial post. Tron has since confirmed that law enforcement is now involved in the case.
On May 5, Curve Finance's X account was also compromised. The attacker shared a phishing link for a fake CRV airdrop with a one-week registration window.
Founder Michael Egorov confirmed it was a scam and explained that no internal user information or systems were accessed. The company regained access with the assistance of the cybersecurity team SEAL, as elaborated by its official account in an X post.
It remains unclear how the attackers gained control of the account, as there is no indication of a client-side breach.
The above-mentioned attacks add to a series of recent X account takeovers. Victims include UK MP Lucy Powell, Kaito AI creator Yu Hu, and the memecoin project Pump.fun. In most incidents, attackers abused the compromised profiles to promote malicious crypto tokens or airdrops.
Users and project teams alike must stay alert, as hackers turn to social engineering and stealth tactics to come up with crafty phishing schemes. Always verify account posts and avoid unsolicited DMs. Users should also refrain from sending funds to addresses promoted without prior official communication.