The official X (formerly Twitter) account of DB (@tier10K), a source known for “Actionable, Market-Moving, Crypto News,” was compromised

The TRUMP token has become a new tool for scammers to promote their attacks. As per Forbes, a malicious email campaign spoofing Binance lured unsuspecting users

The official X (formerly Twitter) account of DB (@tier10K), a primary source known for “Actionable, Market-Moving, Crypto News,” was compromised in a major security breach.

The attackers used the account to conduct pump-and-dump schemes, first promoting the Official Trump (TRUMP) token and later targeting Hyperliquid (HYPE). Despite the breaches, TRUMP's price surged 5.80% to $10.88, while Hyperliquid (HYPE) dropped 8.67% to $12.59, according to CoinMarketCap data.

According to reports, DB's Twitter account was hacked, leading to the posting of fake news. Earlier, DB had reported that the Trump Meme token would have real utility, but the post was later deleted.

Account Takeover: Details Emerge

Journalist Colin Wu (Wu Blockchain) was among the first to report the hack of D's account. The hacker methodically tweeted out bullish news surrounding TRUMP and HYPE to artificially inflate the price of TRUMP before dumping it.

"Obviously hacked. Do not trust any messages for now. Unclear what happened, 2FA/Yubikey etc. all enabled. Will post details when I get them. No connected apps, nothing in access history/sessions, no delegated accounts, not an API key leak (no API post quota used)."

Related: TRUMP Whale Lands $11.8M Profit, Swallows $24M Hit, Yet Keeps Investing

Further elaborating, DB revealed that they had enabled the physical Yubikey 2FA and suspects a compromised X employee could be responsible for the hack. "All keys and sessions have been reset regardless," added DB.

How Did the Hack Happen?

The incident has prompted speculation about the methods used by hackers. A market participant, "Vida," suggested that widely used browser extensions, such as Adblock, might have been compromised to steal cookies, allowing attackers to hijack highly secure accounts.

Others have raised concerns about a potential internal breach within X, where hackers might be exploiting vulnerabilities in employee access.

A Wider Pattern of Attacks

Blockchain investigator ZachXBT has suggested that the same attacker behind this hack was likely responsible for similar breaches. This incident follows a wave of recent hacks involving prominent X accounts, including Dogwifhat (WIF), Jupiter DEX, and Pump.fun, further raising concerns that an attacker is exploiting vulnerabilities through coordinated attacks.

@tier10k mentions that, despite 2FA/YubiKey, etc, all enabled, the account got hacked so this attack is prolly related to all the recent X account hacks (@dogwifcoin, @JupiterExchange, and @pumpdotfun)https://t.co/e8qM30p99c

— ZachXBT (@zachxbt) August 7, 2024

The TRUMP token has become a new tool for scammers to promote their attacks. As per Forbes, a malicious email campaign spoofing Binance lured unsuspecting users into downloading a fake “Binance Desktop” application, which was, in reality, a Remote Access Trojan (RAT).

Related: Altcoin Narratives Dominate: DeFi, L1s, AI Agents & Memes Fuel Crypto Rally

Once installed, the RAT connects to a remote server, allowing hackers to control the infected device, steal stored passwords, and extract sensitive data.