On January 5, CertiK, a blockchain security and smart contract auditing firm, fell victim to a cyberattack. The incident occurred on the company’s official CertiK announced that a “verified account associated with a prominent media outlet” had hacked into one of its employees’ X accounts and posted a link to the phishing scam. The company quickly resolved the breach by removing the phishing link within 14 minutes, and there was no significant damage due to the abuse.
The phishing attack was first detected through direct messages received by CertiK employees, which showed signs of danger. Blockchain detective ZachXBT, whom CertiK contacted, said the account had not posted since April 2020, highlighting that it may have been compromised. CertiK, responding to the incident, encouraged those affected by the exploit to contact them, highlighting the difficulty of responding to phishing attacks that exploit human trust and vulnerabilities.
This security breach is especially noteworthy considering CertiK’s role in blockchain security. A day before the incident, CertiK released its 2023 Hack3D Security Report. The report highlights a 50% reduction in cryptocurrency losses, marking a significant milestone for blockchain security. The compromised CertiK account posted tweets about a fake vulnerability in Uniswap V3 smart contract code, directing users to a scam website impersonating Revoke.cash. Revoke.cash confirmed that Uniswap was not compromised, but the incident raised questions about CertiK’s own security practices.
The official CertiK Discord site was also hacked and replaced with a fake Discord promoting phishing links. CertiK subsequently regained control of the account and deleted the fake tweets. But the breach highlights the cryptocurrency industry’s continued vulnerability to hackers, with stolen funds exceeding $3.8 billion last year. CertiK’s investigation into the breach found it was part of a “large-scale, sustained attack” using social engineering through the scheduling app Calendly.
The recent hacking of Web3 security company CertiK’s X account to promote a cryptocurrency wallet drainer highlights a notable irony and concern in the blockchain security landscape. The breach, achieved through social engineering, utilized compromised accounts associated with prominent media outlets. Attackers impersonated journalists and lured CertiK employees with phishing links disguised as scheduling sites, ultimately compromising the company’s accounts. This incident highlights the sophisticated nature of modern phishing scams that exploit human trust and vulnerabilities and raises important questions about the robustness of security measures within businesses related to blockchain and cryptocurrencies.
The use of social engineering in these attacks reflects a growing trend in the cyber world where even security-savvy individuals and organizations are vulnerable. This breach is particularly notable given CertiK’s role in ensuring the security of blockchain technology. This event not only points out the need for heightened vigilance and advanced security protocols in the Web3 space, but also serves as a reminder of the ever-evolving nature of cyber threats in the blockchain ecosystem. The irony of a Web3 security company falling victim to such an attack highlights the universal vulnerability to sophisticated cyber threats and emphasizes the importance of continuous improvement of security practices across the industry.