On Tuesday, a leading crypto exchange platform in India CoinDCX faced its Twitter account getting exploited for hours. On the compromised Twitter account, which has over 230,000 followers, hackers posted a fake XRP giveaway plan with a phishing link.
In his official capacity, the hackers were retweeting the CEO of Ripple Labs, Brad Garlinghouse, and they were replying to tweets with scam/phishing links to make it appear legitimate. Users who use the links in these posts risk losing money to the scam.
The loss to the consumers could be significant because the issue lingered for more than five hours after CoinDCX acknowledged it.
The issue was first identified and reported by blockchain security company PeckShield via a tweet alert where it stated, “Seems like Indian crypto exchange CoinDCX’s Twitter account was compromised and has been used by the exploiter to share links to fraudulent $XRP GIVEAWAY.”
Additionally, it included a screenshot of the hacked account with the message, “Today, we are pumping XRP. To support our community, we are announcing a 100,000,000 XRP GIVEAWAY. Please note: you can receive a bonus once. Please hurry!”
CoinDCX posts warning about the exploit
The exchange sent out a warning using another Twitter account, @CoinDCX _Cares, as it attempted to regain control of its hacked account. Officials from CoinDCX, including CEO Sumit Gupta, also retweeted it.
Important Announcement 🚨 🚨 pic.twitter.com/YdD0VH6YkJ
— CoinDCX Cares (@CoinDCX_Cares) September 20, 2022
The message urged the users not to click on any links or notices they might receive from the Twitter handle of CoinDCX at the time due to the account’s exploited condition.
Notably, a similar bitcoin giveaway hoax with a phishing link was briefly posted on Indian Prime Minister Narendra Modi’s Twitter account in December of last year.
As TheCoinRise reported, the message from the hackers read, “India has officially adopted bitcoin as legal tender. The government has officially bought 500 BTC and is distributing them to all the residents of the country.”
Moreover, Modi’s Twitter account was exploited in September 2020 when the hackers asked for donations in Bitcoin and other cryptocurrencies.