{"id":11872,"date":"2024-03-22T11:26:22","date_gmt":"2024-03-22T09:26:22","guid":{"rendered":"https:\/\/forklog.com\/en\/ifttt-vulnerability-leads-to-crypto-influencers-accounts-being-hacked-on-x\/"},"modified":"2024-03-22T11:26:22","modified_gmt":"2024-03-22T09:26:22","slug":"ifttt-vulnerability-leads-to-crypto-influencers-accounts-being-hacked-on-x","status":"publish","type":"post","link":"https:\/\/u1f987.com\/en\/ifttt-vulnerability-leads-to-crypto-influencers-accounts-being-hacked-on-x\/","title":{"rendered":"IFTTT Vulnerability Leads to Crypto Influencers&#8217; Accounts Being Hacked on X"},"content":{"rendered":"<p>On March 21, several prominent figures in the crypto industry had their X accounts compromised to promote the scam token PACKY. It is likely that the hacker gained access through the IFTTT (If This Then That) auto-posting service.\u00a0<\/p>\n<blockquote class=\"twitter-tweet\">\n<p lang=\"en\" dir=\"ltr\">This is not me. Account hacked. Working to get it fixed. Don&#8217;t click any links from me or (obviously) send money to a random address. <a href=\"https:\/\/t.co\/yKWnf2Dofd\">pic.twitter.com\/yKWnf2Dofd<\/a><\/p>\n<p>\u2014 Packy McCormick (@packyM) <a href=\"https:\/\/twitter.com\/packyM\/status\/1770794424622006693?ref_src=twsrc%5Etfw\">March 21, 2024<\/a><\/p><\/blockquote>\n<p> <script async src=\"https:\/\/platform.twitter.com\/widgets.js\" charset=\"utf-8\"><\/script><\/p>\n<p>One of the victims was Andreessen Horowitz (a16z) advisor Packy McCormick. In the fraudulent post, the perpetrator urged investment in a new meme token &#8220;with big marketing plans and listings on <span data-descr=\"centralized exchanges\" class=\"old_tooltip\">CEX<\/span>,&#8221; attaching a Solana wallet address.\u00a0<\/p>\n<blockquote class=\"wp-block-quote is-layout-flow wp-block-quote-is-layout-flow\">\n<p>&#8220;This is not me. Account hacked. Working to get it fixed. Don&#8217;t click any links from me or (obviously) send money to a random address,&#8221; McCormick stated after regaining access.\u00a0<\/p>\n<\/blockquote>\n<p>Later, the a16z advisor <a href=\"https:\/\/twitter.com\/packyM\/status\/1770796761671479321\">suggested<\/a> that the hacker gained control of the account through IFTTT, to which he &#8220;granted access to Twitter about ten years ago.&#8221;\u00a0<\/p>\n<p>McCormick emphasized the importance of periodically revoking permissions from third-party applications.<\/p>\n<p>IFTTT is a web service launched in 2011 that allows users to set up automated processes on various online platforms and social networks.<\/p>\n<p>Co-founder of the streaming platform Twitch, Justin Kan, faced a similar issue.\u00a0<\/p>\n<blockquote class=\"twitter-tweet\">\n<p lang=\"en\" dir=\"ltr\">Looks like I was hacked, don&#8217;t buy any shitcoins pls<\/p>\n<p>\u2014 Justin Kan (@justinkan) <a href=\"https:\/\/twitter.com\/justinkan\/status\/1770802681214304531?ref_src=twsrc%5Etfw\">March 21, 2024<\/a><\/p><\/blockquote>\n<p> <script async src=\"https:\/\/platform.twitter.com\/widgets.js\" charset=\"utf-8\"><\/script><\/p>\n<blockquote class=\"wp-block-quote is-layout-flow wp-block-quote-is-layout-flow\">\n<p>&#8220;Looks like I was hacked, don&#8217;t buy any shitcoins pls,&#8221; he wrote.\u00a0<\/p>\n<\/blockquote>\n<p>Coinbase&#8217;s Director of Product, Scott Shapiro, was also hacked. The hacker, posing as him, promoted the same PACKY token, allegedly launched in collaboration with the exchange&#8217;s CEO Brian Armstrong.\u00a0<\/p>\n<blockquote class=\"twitter-tweet\">\n<p lang=\"en\" dir=\"ltr\">Is there anything that says web2.0 more than this list of connected apps?<\/p>\n<p>Frightening how many decade old auth tokens are among these graveyards. <\/p>\n<p>**Revoke All** <a href=\"https:\/\/t.co\/y6ptEK8r2r\">pic.twitter.com\/y6ptEK8r2r<\/a><\/p>\n<p>\u2014 Scott Shapiro ? shapiro.eth (@scottshapiro) <a href=\"https:\/\/twitter.com\/scottshapiro\/status\/1771010026536390918?ref_src=twsrc%5Etfw\">March 22, 2024<\/a><\/p><\/blockquote>\n<p> <script async src=\"https:\/\/platform.twitter.com\/widgets.js\" charset=\"utf-8\"><\/script><\/p>\n<blockquote class=\"wp-block-quote is-layout-flow wp-block-quote-is-layout-flow\">\n<p>&#8220;Is there anything that says web2.0 more than this list of connected apps? Frightening how many decade old auth tokens are among these graveyards. Revoke All,&#8221; his post stated.\u00a0<\/p>\n<\/blockquote>\n<p>Additionally, the attackers targeted the accounts of Web3 application Rainbow co-founder <a href=\"https:\/\/twitter.com\/mikedemarais\/status\/1770953017442931191\">Mike Demarais<\/a>, Asymmetric Finance CEO <a href=\"https:\/\/twitter.com\/joemccann\/status\/1770931794025590986\">Joe McCann<\/a>, and digital artist Bryan Brinkman.<\/p>\n<blockquote class=\"twitter-tweet\">\n<p lang=\"en\" dir=\"ltr\">Update: Apologies for those scam tweets. My IFTTT account was breached, which had my twitter linked as a connected app and they were able to send out the tweets via that. I immediately deleted the tweets and disconnected connected apps, but they were able to send out 7 scam links\u2026<\/p>\n<p>\u2014 Bryan Brinkman (@bryanbrinkman) <a href=\"https:\/\/twitter.com\/bryanbrinkman\/status\/1770495781155332556?ref_src=twsrc%5Etfw\">March 20, 2024<\/a><\/p><\/blockquote>\n<p> <script async src=\"https:\/\/platform.twitter.com\/widgets.js\" charset=\"utf-8\"><\/script><\/p>\n<blockquote class=\"wp-block-quote is-layout-flow wp-block-quote-is-layout-flow\">\n<p>&#8220;The lesson I&#8217;ve learned is that even with 2FA and Yubikey, there are always vulnerabilities,&#8221; noted the latter.\u00a0<\/p>\n<\/blockquote>\n<p>On-chain investigator ZachXBT concurred with the suggestion of a vulnerability on the part of IFTTT.\u00a0<\/p>\n<blockquote class=\"twitter-tweet\" data-conversation=\"none\">\n<p lang=\"en\" dir=\"ltr\">They got Packy &#038; Justin Kan earlier today via IFTTT as well. <a href=\"https:\/\/t.co\/GnycqRVPHF\">pic.twitter.com\/GnycqRVPHF<\/a><\/p>\n<p>\u2014 ZachXBT (@zachxbt) <a href=\"https:\/\/twitter.com\/zachxbt\/status\/1770969246585033178?ref_src=twsrc%5Etfw\">March 22, 2024<\/a><\/p><\/blockquote>\n<p> <script async src=\"https:\/\/platform.twitter.com\/widgets.js\" charset=\"utf-8\"><\/script><\/p>\n<p>Previously, the official X account of hardware crypto wallet manufacturer Trezor was hacked to promote a crypto scam. Hackers offered to send funds for the presale of a new token.\u00a0<\/p>\n<p>On March 19, unknown individuals hacked the account of The Open Network blockchain on X and posted a fake announcement about an airdrop.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>On March 21, several prominent figures in the crypto industry had their X accounts compromised to promote the scam token PACKY. It is likely that the hacker gained access through the IFTTT (If This Then That) auto-posting service.\u00a0 This is not me. Account hacked. Working to get it fixed. Don&#8217;t click any links from me [&hellip;]<\/p>\n","protected":false},"author":1,"featured_media":11871,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"select":"","news_style_id":"","cryptorium_level":"","_short_excerpt_text":"","creation_source":"","_metatest_mainpost_news_update":false,"footnotes":""},"categories":[3],"tags":[44,40],"class_list":["post-11872","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-news-and-analysis","tag-cybercrime","tag-twitter"],"aioseo_notices":[],"amp_enabled":true,"views":"56","promo_type":"","layout_type":"","short_excerpt":"","is_update":"","_links":{"self":[{"href":"https:\/\/u1f987.com\/en\/wp-json\/wp\/v2\/posts\/11872","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/u1f987.com\/en\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/u1f987.com\/en\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/u1f987.com\/en\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/u1f987.com\/en\/wp-json\/wp\/v2\/comments?post=11872"}],"version-history":[{"count":0,"href":"https:\/\/u1f987.com\/en\/wp-json\/wp\/v2\/posts\/11872\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/u1f987.com\/en\/wp-json\/wp\/v2\/media\/11871"}],"wp:attachment":[{"href":"https:\/\/u1f987.com\/en\/wp-json\/wp\/v2\/media?parent=11872"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/u1f987.com\/en\/wp-json\/wp\/v2\/categories?post=11872"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/u1f987.com\/en\/wp-json\/wp\/v2\/tags?post=11872"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}