Watcher.Guru, a crypto and finance news platform with 2.9 million followers on X, revealed that its account was hacked, leading to an unauthorized post about Ripple and XRP. The breach, which occurred on March 21, has raised concerns about social engineering and platform security.
Watcher.Guru shared an image of the X post that was sent out by the hackers and automatically sent to several other Watcher.Guru platforms like Telegram and Discord.
On March 5, Watcher.Guru received a suspicious Telegram message containing an official X link with an unusual format. The link, which included a specific path and token query string, was sent by an unknown user. Although the link appeared legitimate, Watcher.Guru reported it to X’s head of cybersecurity, @cstanley, but received no response.
The hack was confirmed on March 21 at 2:05 AM UTC when an unauthorized post appeared on Watcher.Guru’s X account. The post claimed that SWIFT was nearing an agreement with Ripple to use XRP for cross-border payments, with billions of dollars in XRP secured in escrow. The post was quickly deleted, and Watcher.Guru logged out all devices and reset the password.
The unauthorized post was automatically reposted to Watcher.Guru’s other social media platforms, including Telegram, Facebook, and Discord, due to an automated bot that shares “JUST IN” or “BREAKING” posts. Watcher.Guru confirmed that two-factor authentication (2FA) was enabled, no connected apps were used, and no API tokens were compromised.
The exact method of the hack remains unclear, but Watcher.Guru noted similarities to a recent hack of @tier10k. The attackers also blocked Ripple’s official account and CEO Brad Garlinghouse, presumably to delay any response to the false post.
Watcher.Guru has since secured its account and is working with X to investigate the breach. The incident highlights the ongoing risks of social media security vulnerabilities, even for accounts with robust protective measures.
免责声明:本文章仅代表作者个人观点,不代表本平台的立场和观点。本文章仅供信息分享,不构成对任何人的任何投资建议。用户与作者之间的任何争议,与本平台无关。如网页中刊载的文章或图片涉及侵权,请提供相关的权利证明和身份证明发送邮件到support@aicoin.com,本平台相关工作人员将会进行核查。
