Certik’s Twitter Account Hacked, Phishing Link Shared to Scam Users
Certik, a leading blockchain security and smart contract audit firm, suffered a cyber attack on its official Twitter account on January 5. The hacker posted a phishing link to a fake Revoke website, claiming that Uniswap, a popular decentralized exchange, was vulnerable to a re-entrancy exploit. The hacker urged users to use Revoke Cash, a web3 security tool, to revoke vulnerable approvals.
The phishing link was deleted shortly after, but not before some users may have clicked on it and exposed their wallet funds to the hacker. The hacker also replaced the Discord link on Certik’s official website with a fake one containing phishing links.
The attack was a surprise, as Certik is a well-known and reputable firm in the blockchain industry, providing security and audit services to many projects and platforms. Certik had also recently released its 2023 Hack3D security report, which highlighted a 50% decline in crypto losses due to hacks and scams, and called it “a significant milestone in blockchain security.”
How the Attack Happened and How to Avoid It
According to Wu Blockchain, a Chinese reporter who was among the first to break the news of the Certik attack, the hacker may have compromised Certik’s Twitter account by using a phishing email or a SIM swap attack. The hacker then used the account to post a phishing link to a fake Revoke website, which looked identical to the real one.
The phishing link claimed that Uniswap was vulnerable to a re-entrancy exploit, which is a type of attack that allows hackers to withdraw funds repeatedly from a smart contract before the balance is updated. The hacker asked users to use Revoke Cash, a web3 security tool that allows users to revoke any unwanted or risky approvals of their tokens, to protect their funds.
However, the phishing link led to a wallet drainer, which is a type of scam that transfers all the funds from a user’s wallet to the hacker’s wallet. The hacker may have also used the phishing link to collect users’ private keys or seed phrases, which would give the hacker full access to those wallets.
To avoid falling for such phishing scams, users should always check the URL of the website they are visiting and make sure it is the correct, official one. They should avoid clicking on suspicious links or attachments, and use a trusted antivirus or web3 security tool to scan their devices and browsers. They should also enable two-factor authentication and use a hardware wallet to store their funds securely.
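The URL check advised above can be automated. The following is an added example, not code from this article, Certik, or Revoke Cash; it assumes revoke.cash is the official Revoke Cash host, and every sample link in it is constructed rather than taken from the incident.

```javascript
// Added example. Assumption: revoke.cash is the official Revoke Cash host.
const OFFICIAL_HOSTS = ["revoke.cash"];

// Levenshtein distance, used to catch one- or two-character lookalikes.
function editDistance(a, b) {
  const row = Array.from({ length: b.length + 1 }, (_, j) => j);
  for (let i = 1; i <= a.length; i++) {
    let diag = row[0];
    row[0] = i;
    for (let j = 1; j <= b.length; j++) {
      const up = row[j];
      row[j] = Math.min(up + 1, row[j - 1] + 1, diag + (a[i - 1] === b[j - 1] ? 0 : 1));
      diag = up;
    }
  }
  return row[b.length];
}

// Strip separators so "revoke-cash" and "revoke.cash" compare equal.
const squash = (s) => s.replace(/[^a-z0-9]/g, "");

function classifyLink(raw) {
  let url;
  try { url = new URL(raw); } catch { return "invalid"; }
  if (url.protocol !== "https:") return "not-https";
  // "https://official@other-host/" hides the real host behind a trusted-looking userinfo part.
  if (url.username || url.password) return "userinfo-trick";
  const host = url.hostname.replace(/\.$/, ""); // parser lowercases; drop a trailing dot
  for (const good of OFFICIAL_HOSTS) {
    if (host === good) return "official";
    if (host.endsWith("." + good)) return "official-subdomain";
  }
  // The URL parser converts Unicode hostnames to punycode ("xn--" labels).
  if (host.split(".").some((label) => label.startsWith("xn--"))) return "punycode-lookalike";
  for (const good of OFFICIAL_HOSTS) {
    if (squash(host).includes(squash(good))) return "embeds-official-name";
    if (editDistance(host, good) <= 2) return "near-miss";
  }
  return "unknown";
}

// Constructed sample links (not taken from the incident).
const SAMPLES = ["https://revoke.cash/", "https://revoke.cash@drainer.example/",
  "https://revoke.cash.drainer.example/", "https://rev0ke.cash/",
  "https://rev\u043eke.cash/", "https://revoke-cash.example/"];
for (const s of SAMPLES) console.log(classifyLink(s).padEnd(22), s);
```

Only the "official" result should be treated as safe to open; every other label means the link needs manual verification against a bookmarked or independently obtained address.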
Certik’s Response and Recovery Efforts
Certik acknowledged the hack and said it was working with Twitter and other security experts to investigate the incident and recover the account. The company also warned users to ignore any messages or requests from its Twitter account until it is restored and to report any suspicious activity to its official channels.
The blockchain security and audit firm also thanked the Revoke Cash and Wallet Guard teams for their prompt response and for their assistance in alerting users to the phishing scam and protecting them from it. Certik also thanked the community for its support and understanding, and apologized for any inconvenience caused by the hack.