Cryptocurrency platforms targeted by social media attacks
Cryptocurrency platforms continue to be targeted by social media attacks. Two platforms—Tron DAO and Curve Finance—recently fell victim to unauthorized takeovers of their X accounts. These incidents caused financial losses and exposed how easily scammers can manipulate users.
On May 2, a bad actor took control of Tron DAO’s verified X account. The hacker posted a deceptive contract address and messaged users with false offers. Tron confirmed that the scam generated approximately $45,000 before the team regained control. The breach occurred after a Tron team member was tricked into revealing access credentials. Even after losing access, the attacker contacted users off-platform, falsely claiming to represent Tron DAO.
Tron assured users that it will never request payments through direct messages and urged everyone to stay vigilant.
Similarly, on May 5, an attacker took control of Curve Finance’s X account. The hacker posted a link advertising a fake CRV token airdrop. Users flagged the post as fraudulent, prompting Curve to take action. With the help of the cybersecurity group SEAL, the Curve team regained access. Founder Michael Egorov confirmed no internal systems were compromised.
A Growing Pattern and Ongoing Investigations
The Tron DAO breach is part of a larger trend of social media exploitation. Tron noted similarities between its hack and the New York Post breach on May 3, suggesting a possible connection. However, the investigation remains ongoing.
In a related controversy, Tron founder Justin Sun accused crypto exchange OKX of failing to freeze stolen assets, but OKX CEO Star Xu denied the allegations. The Tron team is cooperating with law enforcement to investigate the breach.
These incidents show how vulnerable social media platforms are to scammers who impersonate trusted accounts and manipulate users into transferring funds.
The breaches at Tron DAO and Curve Finance underscore the critical need for enhanced security measures in the crypto industry. These breaches show how social engineering and weak account protections can lead to financial harm. Social media platforms are prime targets for scammers who exploit weak points in security to impersonate trusted entities.
For crypto firms, it’s essential to implement stronger authentication systems, tighten internal access policies, and provide training to employees on recognizing social engineering tactics. Meanwhile, users must remain cautious when interacting with direct messages, verifying messages through official channels, and avoiding suspicious links or payment requests.