On March 13, 2025, DB, a prominent crypto news platform, became the latest victim of a high-profile hack on its X (formerly Twitter) account. The attackers used the compromised account to spread misleading and false information regarding Donald Trump’s memecoin (TRUMP) and a fabricated filing by BlackRock for a Hyperliquid ETF. These deceptive posts had an immediate and significant effect on the cryptocurrency market, leading to sharp price fluctuations for both tokens.
Market Disruption
The attack caused a brief but intense surge in the price of TRUMP memecoin, which skyrocketed by 20% before quickly collapsing once the news was debunked. Additionally, the false BlackRock ETF filing for Hyperliquid triggered a 6% price fluctuation for the HYPE token.
According to blockchain analytics firm Lookonchain, a trader attempted to capitalize on the chaos by withdrawing 504,820 USDC from Binance to purchase TRUMP tokens. However, as soon as the truth emerged, the trader was forced to sell the tokens at a loss, resulting in a $26,820 loss in USDC within minutes.
Security Breach and Suspected Internal Vulnerability
Despite DB’s account being secured with YubiKey two-factor authentication, which is generally regarded as one of the most secure methods, the breach raises concerns about a possible internal vulnerability. The platform confirmed that no third-party apps, API key leaks, or other external factors were involved in the hack. Instead, DB suspects that the source of the breach could be a compromised X employee, potentially due to social engineering tactics or internal exploitation.
DB emphasized that, in light of this, it has reset all account keys and sessions, taking immediate action to safeguard the platform and its users. The breach has raised suspicions about the possibility of similar exploits targeting employees at other high-profile crypto-related accounts on X.
Escalating Concern over Social Engineering and Account Security
This hack is not an isolated incident but rather part of a growing pattern of attacks on high-profile crypto-related accounts on X. Other notable incidents have targeted the Dogwifcoin project, Solana-based Jupiter Exchange, and the memecoin launchpad Pump.fun. In these cases, attackers employed tactics such as spreading false information or phishing schemes to manipulate markets or steal funds.
ZachXBT, a prominent blockchain investigator, suggested that social engineering techniques targeting employees at X could be a key factor behind these breaches. He speculated that attackers might be manipulating or tricking X staff into granting access through fraudulent documents or by exploiting weaknesses in internal controls.
Impact on the Crypto Community
These increasing attacks highlight the vulnerability of crypto-related accounts on major social media platforms. The crypto community has long been susceptible to disinformation campaigns, and incidents like these emphasize the need for better security protocols, both on the social media platform side and within the crypto industry itself. Hackers continue to exploit these platforms to manipulate markets, spread false narratives, and deploy phishing attacks, often leading to significant losses for unsuspecting users.
In response to the breach, DB quickly deleted the unauthorized posts and urged users to disregard any information shared during the attack. They reassured the public that steps had been taken to prevent further incidents and to restore security on their platform.
Conclusion
This hack on DB’s X account serves as a reminder of the ongoing risks and vulnerabilities within the intersection of social media and cryptocurrency. While DB’s use of YubiKey two-factor authentication indicates a strong commitment to security, the incident demonstrates that even the best defenses can be compromised, especially when internal threats or social engineering tactics are at play. The crypto industry, and the social media platforms that support it, will need to continue evolving their security practices to protect against these increasingly sophisticated attacks.
