DB（@tier10k）的官方X（以前为Twitter）是一位以“可操作，市场动作，加密新闻”而闻名的消息来源。

特朗普令牌已成为骗子促进其攻击的新工具。根据《福布斯》，一个恶意的电子邮件活动欺骗了Binance，吸引了毫无戒心的用户

The official X (formerly Twitter) account of DB (@tier10K), a primary source known for “Actionable, Market-Moving, Crypto News,” was compromised in a major security breach.

DB（@tier10k）的官方X（以前是Twitter）是以“可操作，营销，加密新闻”而闻名的主要来源，在重大安全漏洞中受到了损害。

The attackers used the account to conduct pump-and-dump schemes, first promoting the Official Trump (TRUMP) token and later targeting Hyperliquid (HYPE). Despite the breaches, TRUMP's price surged 5.80% to $10.88, while Hyperliquid (HYPE) dropped 8.67% to $12.59, according to CoinMarketCap data.

攻击者使用该帐户进行泵送计划，首先促进了官方的特朗普（特朗普）代币，后来瞄准了超流动性（HYPE）。根据CoinMarketCap数据，尽管违反了违规，但特朗普的价格飙升了5.80％至10.88美元，而Hyplliquid（Hype）下跌了8.67％至12.59美元。

According to reports, DB's Twitter account was hacked, leading to the posting of fake news. Earlier, DB had reported that the Trump Meme token would have real utility, but the post was later deleted.

据报道，DB的Twitter帐户被黑客入侵，导致了假新闻的发布。 DB早些时候报道说，特朗普模因令牌将具有真正的效用，但后来被删除了。

Account Takeover: Details Emerge

帐户收购：详细信息出现

Journalist Colin Wu (Wu Blockchain) was among the first to report the hack of D's account. The hacker methodically tweeted out bullish news surrounding TRUMP and HYPE to artificially inflate the price of TRUMP before dumping it.

记者Colin Wu（WU区块链）是第一个报告D的账户黑客账户的人之一。这位黑客有条不紊地在推特上发布了有关特朗普和炒作的看涨新闻，以人为地夸大特朗普的价格，然后再倾倒特朗普的价格。

"Obviously hacked. Do not trust any messages for now. Unclear what happened, 2FA/Yubikey etc. all enabled. Will post details when I get them. No connected apps, nothing in access history/sessions, no delegated accounts, not an API key leak (no API post quota used)."

“显然被黑客入侵。现在不信任任何消息。不清楚发生了什么，2fa/yubikey等。所有这些都启用了。当我获得它们时，将发布详细信息。没有连接的应用程序，访问历史记录/会话中没有任何内容，没有授权的帐户，而不是API键泄漏（没有使用API​​ Post Post Prounda（使用API​​ Post Frounda）。”

Related: TRUMP Whale Lands $11.8M Profit, Swallows $24M Hit, Yet Keeps Investing

相关：特朗普鲸鱼的利润为1,180万美元，吞咽2400万美元，但继续投资

Further elaborating, DB revealed that they had enabled the physical Yubikey 2FA and suspects a compromised X employee could be responsible for the hack. "All keys and sessions have been reset regardless," added DB.

进一步详细说明，DB透露，他们使物理Yubikey 2FA和怀疑受损的X员工可能负责黑客攻击。 DB补充说：“无论如何，所有键和会话都已重置。”

How Did the Hack Happen?

黑客是怎么发生的？

The incident has prompted speculation about the methods used by hackers. A market participant, "Vida," suggested that widely used browser extensions, such as Adblock, might have been compromised to steal cookies, allowing attackers to hijack highly secure accounts.

该事件引发了人们对黑客使用的方法的猜测。市场参与者“ VIDA”建议，使用广泛使用的浏览器扩展名（例如Adblock）可能已被妥协以窃取饼干，从而使攻击者能够劫持高度安全的帐户。

Others have raised concerns about a potential internal breach within X, where hackers might be exploiting vulnerabilities in employee access.

其他人则对X内潜在的内部违规行为提出了担忧，黑客可能正在利用员工访问中的漏洞。

A Wider Pattern of Attacks

更广泛的攻击模式

Blockchain investigator ZachXBT has suggested that the same attacker behind this hack was likely responsible for similar breaches. This incident follows a wave of recent hacks involving prominent X accounts, including Dogwifhat (WIF), Jupiter DEX, and Pump.fun, further raising concerns that an attacker is exploiting vulnerabilities through coordinated attacks.

区块链调查员Zachxbt建议该黑客背后的同一攻击者可能造成类似的违规行为。这一事件是在最近的涉及X帐户的近期黑客浪潮之后，包括Dogwifhat（Wif），Jupiter Dex和Pump.Fun。

@tier10k mentions that, despite 2FA/YubiKey, etc, all enabled, the account got hacked so this attack is prolly related to all the recent X account hacks (@dogwifcoin, @JupiterExchange, and @pumpdotfun)https://t.co/e8qM30p99c

@tier10k提到，尽管有2fa/yubikey等，但均已启用，该帐户被黑客入侵，因此此攻击与所有最近的X帐户hacks（@dogwifcoin，@jupiterexchange和@pumpdotfun和@pumpdotfun）https：////////////////e8qm30p999c hacks hacks很大程度上相关。

— ZachXBT (@zachxbt) August 7, 2024

- Zachxbt（@zachxbt）2024年8月7日

The TRUMP token has become a new tool for scammers to promote their attacks. As per Forbes, a malicious email campaign spoofing Binance lured unsuspecting users into downloading a fake “Binance Desktop” application, which was, in reality, a Remote Access Trojan (RAT).

特朗普令牌已成为骗子促进其攻击的新工具。根据《福布斯》，一个恶意的电子邮件活动欺骗了binance，吸引了毫无戒心的用户下载一个伪造的“ binance桌面”应用程序，实际上，该应用程序是远程访问trojan（rat）。

Related: Altcoin Narratives Dominate: DeFi, L1s, AI Agents & Memes Fuel Crypto Rally

相关：altcoin叙述占主导地位：defi，l1s，AI代理和模因加油加密集会

Once installed, the RAT connects to a remote server, allowing hackers to control the infected device, steal stored passwords, and extract sensitive data.

安装后，大鼠连接到远程服务器，允许黑客控制感染的设备，窃取存储的密码并提取敏感数据。