The official Twitter handle of the cryptocurrency exchange KuCoin fell victim to a security breach on Monday, leading to the loss of over $22,600 worth of users’ funds.
How Did It Happen?
In the early hours of Monday, KuCoin’s Twitter account was compromised by hackers. The bad actor(s), who had control over the social handle for 45 minutes, used it to host a fake marketing campaign. Likely using a phishing attack to redirect victims to a fake website, the hackers stole 22,628 USDT from their prey within 22 transactions.
While KuCoin worked with Twitter Support to retrieve its Twitter handle, it announced its dilemma on its Telegram channel and KuCoin Support Twitter page. It urged users to avoid interacting with any marketing campaign posted through the exploited account. It also noted that the official Twitter page is the only affected platform and that users’ funds are safe.
KuCoin declared that it would make all affected users whole. The platform instructed that these ones communicate with the KuCoin Support team. The exchange also noted that it is “examining and blocking suspicious addresses” that could be tied to the attack.
The crypto custodian added that it would fortify its Twitter account with more security aside from Twitter’s existing two-factor authentication.
“We are also conducting a thorough investigation of the incident with Twitter to prevent similar occurrences in the future,” the exchange said.
Johnny Lyu, the CEO of KuCoin, also apologized to the community. He acknowledged that most users identified the inauthenticity of fake marketing schemes and refrained from engaging with them, thereby saving themselves from falling prey.
Not the First Time
This is not the first time KuCoin’s official Twitter handle will be hacked. The platform was once hacked in 2020, alongside a handful of other crypto-related platforms.
Some included Binance, Gemini, Coinbase, Ripple, and more. Twitter eventually rectified the fault. Still, that has not hindered bad actors from exploiting the social media handles of crypto entities. In January, for example, the crypto-affiliated platform Robinhood was hacked for malicious activities.
