Cointelegraph
--
Compound Finance's X Account Hacked and Has Posted a Scam Link
The X (formerly Twitter) account for DeFi protocol Compound Finance has been hacked and is now promoting a fake phishing site, according to security-related X accounts Scam Sniffer and Officer's Notes.
At 4:57 p.m. UTC, the account posted an advertisement for "free $COMP tokens," urging readers to click a link provided. The link leads to compound-labs.xyz, a website that looks identical to the protocol's official website at compound.finance, but has been identified as a scam site.
Cybersecurity blogger Officer's Notes posted an alert from their account at 5:14 UTC, urging readers to not click on any links in the post.
FYI the @compoundfinance twitter is compromised and posting a scam link!Check out: @RevokeCash / @web3_antivirus / @wallet_guard / @blockfence_io / @realScamSniffer
— Officer's Notes (@officer_cia) December 29, 2023
Blockchain security platform Scam Sniffer also altered users, stating that "A phishing link (compound-labs[.]xyz) was spotted 16 hours ago" coming from the official X account.
Alert: @compoundfinance's Twitter account has been compromised. Do not click on any links posted from their account.A phishing link (compound-labs[.]xyz) was spotted 16 hours ago.Stay vigilant and ensure the safety of your assets by avoiding suspicious links. pic.twitter.com/yoa1RM4P4E
— Scam Sniffer | Web3 Anti-Scam (@realScamSniffer) December 29, 2023
According to Scam Sniffer's post, the fake phishing site that is being advertised by the hacker is a "Pink Drainer scam website," implying that it is a phishing site that uses the Pink Drainer software to steal users' crypto. The post also states that blockchain investigator ZachXBT has traced funds that have been stolen by the site. The stolen funds have been laundered through the eXch exchange.
This is a developing story, and further information will be added as it becomes available.
At 4:57 p.m. UTC, the account posted an advertisement for "free $COMP tokens," urging readers to click a link provided. The link leads to compound-labs.xyz, a website that looks identical to the protocol's official website at compound.finance, but has been identified as a scam site.
Cybersecurity blogger Officer's Notes posted an alert from their account at 5:14 UTC, urging readers to not click on any links in the post.
FYI the @compoundfinance twitter is compromised and posting a scam link!Check out: @RevokeCash / @web3_antivirus / @wallet_guard / @blockfence_io / @realScamSniffer
— Officer's Notes (@officer_cia) December 29, 2023
Blockchain security platform Scam Sniffer also altered users, stating that "A phishing link (compound-labs[.]xyz) was spotted 16 hours ago" coming from the official X account.
Alert: @compoundfinance's Twitter account has been compromised. Do not click on any links posted from their account.A phishing link (compound-labs[.]xyz) was spotted 16 hours ago.Stay vigilant and ensure the safety of your assets by avoiding suspicious links. pic.twitter.com/yoa1RM4P4E
— Scam Sniffer | Web3 Anti-Scam (@realScamSniffer) December 29, 2023
According to Scam Sniffer's post, the fake phishing site that is being advertised by the hacker is a "Pink Drainer scam website," implying that it is a phishing site that uses the Pink Drainer software to steal users' crypto. The post also states that blockchain investigator ZachXBT has traced funds that have been stolen by the site. The stolen funds have been laundered through the eXch exchange.
This is a developing story, and further information will be added as it becomes available.
Disclaimer: Includes third-party opinions. No financial advice. May include sponsored content. See T&Cs.
Replies 0