KuCoin Users Lost Thousands in 45-Minute-Long Twitter Hack, Here’s What Happened
Some users of the KuCoin exchange have collectively lost over $22,000 (roughly Rs. 18 lakh) after the Twitter account of the crypto exchange was briefly hacked. Hackers managed to gain control over KuCoin’s Twitter handle for about 45 minutes, fishing for unsuspecting victims. Time and again, crypto-related research reports have highlighted that hackers operating in the space have been swarming in the social networking ecosystem, closely looking for potential victims who actively engage with social media posts and tend to post hints about their investments on public domains.
Hackers, on April 24, breached the Twitter account of KuCoin that had garnered 2.4 million followers since its launch in 2017.
After gaining control over the exchange’s Twitter handle, the hackers posted a fake activity and KuCoin users who happened to engage with this post may have been affected by the losses.
KuCoin recorded a total of 22 transactions amounting to $22,268 (roughly Rs. 18.2 lakh) in the form of 22,000 tokens of the Tether (USDT) stablecoin.
The company is now reaching out to the affected users and has vouched to reimburse them. In an official Twitter thread, the crypto exchange has clarified that the hacking only violated its Twitter account and that all of its other social networking handles as well as its website were safe.
2/ Please note that ONLY KuCoin’s Twitter account was compromised in this incident. We acted immediately to retrieve control of the account from official Twitter support after the incident occurred. We want to reassure you that your assets on KuCoin are secure.
— KuCoin (@kucoincom) April 24, 2023
The company is now looking to add more layers of security to safeguard its users against such malicious activities.
“In addition to Twitter’s existing 2FA, the KuCoin team will implement additional security measures to fortify the protection of our social media accounts. We are also conducting a thorough investigation of the incident with Twitter to prevent similar occurrences in the future,” the company’s Twitter thread noted.
Getting a hold of heavily followed Twitter accounts and then hacking into them to post scam links has become an increasingly adopted trend among scammers.
Back in March, crypto hackers promoted a fake airdrop event of the Ripple (XRP) stablecoin in India, after they hacked the Twitter account of News24. These posts also showed malicious links to unsuspecting victims to click on and expose themselves to financial risks.
Twitter accounts of Prime Minister Narendra Modi, the Indian Medical Association (IMA), and the Indian Council of World Affairs (ICWA) have also been breached previously by crypto scammers to hunt for victims.