CertiK's X account gets hacked, sends out fake vulnerability warning about Uniswap
CertiK appears to have regained control of its account shortly after removing the fake tweets.
Share this article
CertiK Ltd., a blockchain security auditing firm, suffered a security breach earlier today as yet unidentified hackers compromised its official X (formerly Twitter) account to distribute phishing links to its hundreds of thousands of followers.
The breach was confirmed by Revoke.cash, a smart contract tool that provides token approval for cross-chain security.
— Revoke.cash (@RevokeCash) January 5, 2024
The infiltrated CertiK account posted tweets warning users of a fake vulnerability in the smart contract code for Uniswap V3, a prominent decentralized cryptocurrency exchange (DEX). It then directed users to a fraudulent website impersonating Revoke.cash.
In its statement on the breach, Revoke confirmed that Uniswap itself was not compromised. This incident raises questions surrounding CertiK’s own defenses and standard security practices. Just two days prior, the company published its 2023 hacking report, meant to highlight industry threats.
Independent crypto journalist Colin Wu (Wu Blockchain) also confirmed the breach, adding that the official CertiK Discord site was recently hacked and replaced with a fake Discord promoting phishing links. CertiK’s alerts account on X also confirmed that the main account was breached and warned users to avoid interacting with the compromised account.
While the motive behind the hack hasn’t been established, the coordinated effort indicates thieves were attempting to use CertiK’s reputation to lend legitimacy to their phishing scams focused on draining user cryptocurrency accounts.
CertiK appears to have regained control of its account shortly after removing the fake tweets. Despite this, the high-profile breach highlights the crypto industry’s ongoing vulnerability to hackers, which has resulted in stolen funds worth over $3.8 billion in the last year alone. The blockchain security auditing firm has issued a statement about the incident, saying their investigation indicates that the breach is a “large scale ongoing attack” that deploys social engineering through Calendly, a scheduling app.
Simple Security Practices
In light of this incident, here are a few security tips that may be useful to keep in mind, especially when dealing with crypto wallets and decentralized services.
Enable Multi-Factor Authentication
Adding an extra layer of identity confirmation beyond just a password through options like biometrics, security keys or authentication apps can prevent unauthorized account access even if login credentials are compromised. This is recommended especially for social platforms such as X.
Be Wary of Suspicious Links & Attachments
Scrutinize links purporting to offer cryptocurrency services, deals, or Web3 ecosystem news, especially if received over social media. Verify an offer’s authenticity through official channels before clicking. Also, avoid opening unsolicited attachments which may contain malware.
Use a Reputable Password Manager
Storing account credentials in a highly secure, encrypted password manager app helps users create and manage strong, unique passwords for each service, mitigating the effectiveness of password reuse in phishing schemes. Features like auto log-out further limit access, although this might get in the way of ease of use.
Keep Software Up-To-Date
Maintaining current versions of operating systems, antivirus software, and crypto wallet apps ensures known exploits are patched before hackers can capitalize on these vulnerabilities at scale. Automating updates streamlines this maintenance.
Leverage Cold Storage for Holdings
Keeping the majority of cryptocurrency holdings in cold storage hardware wallets disconnected from the internet reduces attack surfaces. Even if account credentials are exposed, funds not held in hot wallets stay secure.
Note: This story is developing. The Crypto Briefing team will update this article as necessary to maintain veracity.