KEY POINTS
- PeckShield warned users not to click on phishing links posted by the actors on Beoble’s account
- The Beoble team later confirmed the compromise, urging users not to interact with the hacked account
- MicroStrategy’s X account was also hacked last month, resulting in phishing losses of over $400,000
The X (formerly Twitter) account of Web3 chat solution Beoble was compromised Tuesday, a blockchain security firm said, marking the second time in two weeks that a corporate X account was hacked by phishing actors.
“@beoble_official’s X account has been compromised. bbl-distribution[.]com/bbl is a phishing site. Please do *NOT* click on any links until the official team provides further notification,” blockchain security monitoring firm PeckShield first shared on X on Tuesday.
As of writing, a series of posts wherein comments have been turned off “due to malicious links” are still live on the Beoble X account.
“Buckle up beoblers! The first stage of our aidrop is here. All beoble users and holders are eligible to claim. This is only a small portion of the tokens coming next month. Check it out,” reads the first post that PeckShield flagged as a phishing attempt. A link was provided by the hacker to a phishing site.
Several users claimed to have been victimized by the phishing posts on Beoble’s compromised account. “My wallet got drained. This will be a lesson learned for me,” one user said. “Wallet hacked, Hope beoble will take some responsibility and compensate,” said another.
Beoble has since created another temporary account, with the team acknowledging the compromise. “Yes, @beoble_official is hacked, and our team is trying our best to recover,” it said through the new X handle: @beoble_.
The new handle will be used as the official channel for now, the team said, urging users not to interact with any posts from the hacked account. It is unclear if Beoble has started working with X support or law enforcement and other security firms to recover the account.
Beoble CEO Sung Min Cho also confirmed the compromise, asking users to spread news about the hack to prevent others from clicking on the phishing links.
News of the hack came just two weeks after crypto security firms and researchers revealed that MicroStrategy’s X account was “hacked” by actors who posted phishing links to drain the wallets of users who clicked on the links.
The phishing post on the X handle of the world’s largest corporate holder of Bitcoin led to losses of over $400,000, as per blockchain security firms and analysts. MicroStrategy did not address the compromise but removed the phishing post on the same day the hack was carried out.
Web3 anti-scam solution Scam Sniffer on Monday said in its February Phishing Report that around 57,000 victims lost around $47 million to crypto-related phishing scams last month. “Most victims were lured to phishing websites through phishing comments from impersonated Twitter accounts,” Scam Sniffer said in a series of posts on X.