CertiK’s Twitter and Discord Accounts Hacked, Users Warned of Phishing Scams

CertiK banner and a stealer virus image

CertiK, a leading security auditing company for blockchain and smart contracts, has been targeted by hackers who compromised its official Twitter and Discord accounts and posted phishing links to defraud users of their wallet funds. The company has issued a warning to its followers and community members to not click on any suspicious links or enter their private keys or seed phrases on any website.

Hacker Spread Phishing Links

The hack occurred on Wednesday, when CertiK’s Twitter account, which has over 340,000 followers, started tweeting messages that claimed to offer free tokens or giveaways to users who visited a fake website and entered their wallet information. The tweets also tagged several prominent crypto influencers and projects, such as Binance, Coinbase, and Polygon, to lure more victims. The hackers also changed the profile picture and bio of the account to impersonate CertiK’s CEO, Professor Ronghui Gu.

How it Happened

In a Twitter post explaining what happened, the Certik team wrote:

“A verified account, associated with a well-known media, contacted one of our employees. Unfortunately, it appears that this account was compromised, leading to a phishing attack on our employee. We quickly detected the breach and deleted the related tweets within minutes.”

Certik’s Website and Discord Channels Targeted

Around the same time, CertiK’s official website was also tampered with, and the link to its Discord channel was replaced with a fake one that led to another phishing site. The fake Discord channel had over 2,000 members and was also used to spread malicious links and messages to unsuspecting users.

In a related tweet, Zachxbt, an online sleuth wondered why the Certik team member didn’t detect that the contact could have been a hacker. He posted:

“Here is the leaked DM Certik got phished by. Why did you not find the “well-known media” account which contacted you suspicious since they had not posted since April 2020 (clearly compromised)?.”

dm sent to certik

CertiK has since regained control of its Twitter and Discord accounts and deleted the fraudulent tweets and messages. The company has also updated its website and restored the correct link to its Discord channel. CertiK has apologized to its community and advised them to report any suspicious activity or phishing attempts to its support team. The company has also stated that it is conducting a thorough investigation of the incident and will take legal actions against the perpetrators.

Author: Jinka

Jinka is a self-trained crypto journalist, passionate about happenings in the industry.