Hackers takeover Azuki’s Twitter account, steal over $750K in less than 30 minutes

Azuki, a popular nonfungible token (NFT) project, had its Twitter account compromised on Jan. 27 leading to hackers stealing over $750,000 worth of USD Coin (USDC) by posting a malicious “wallet drainer link” posed as a virtual land mint.

Hackers stole $751,321.80 USDC from a single wallet within half an hour of the malicious links being tweeted, according to Etherscan data provided to Cointelegraph by crypto wallet security firm Wallet Guard.

The data also revealed that hackers stole a further $6,752.62 worth of USDC from various wallets holding 11 NFTs and over 3.9 Ether (ETH).

Wallet Guard stated that the total amount stolen was $758,074.42.

Emily Rose, community manager for the anime-inspired NFT project confirmed via Twitter on Jan. 27 that the Azuki account was hacked, warning users not to click any links from Azuki’s Twitter account.

AZUKI OFFICIAL TWITTER ACCOUNT IS HACKED.DO NOT CLICK LINKS FROM OUR ACCOUNT.PLEASE RETWEET.

— Rose | | ⛩️NGL (@emilyrosemcg) January 27, 2023

Azuki’s head of community and product manager Dem explained on a Twitter Space hosted by Wallet Guard on Jan. 27 that scammers were able to “post a wallet drainer link,” after gaining control of Azuki's Twitter account.

Dem urged users to “stay safe and stay suspicious” while the team attempted to regain control of the account.

Several hours later Azuki stated that it had regained control of its Twitter account via a tweet:

1/ The @AzukiOfficial Twitter was compromised today. A series of malicious tweets were posted during the morning of Friday, Jan 27th (Pacific Time). The team has regained control of the @AzukiOfficial Twitter. Details below

— Azuki (@AzukiOfficial) January 27, 2023

This was confirmed by Rose and Dem retweeting the announcement.

Liz Yang, head of growth at Chiru Labs, the company behind Azuki, told Cointelegraph that the team is “currently in contact with Twitter and investigating the breach,” noting that Azuki “will provide an update once we have more information.”

Related: Hackers take over CoinDCX Twitter account, promote fake XRP ads

Ohm Shah, co-founder of Wallet Guard, told Cointelegraph that “it does not matter” if an account is official or verified, users should treat everything as suspicious until proven otherwise. Shah noted:

“Don’t be the first person that clicks the link. It’s better to be paranoid in Web3 than not.”

Upon Azuki regaining control of the account, it emphasised to its followers in a tweet to always “go out on several channels” to confirm announcements.

It also noted to reach out to the Azuki "mod team" on Discord when in doubt.

This news comes after stock trading platform Robinhood’s Twitter account was compromised on Jan. 25.

The hackers pushed Robinhood’s followers to each pay $0.0005 for a token called “RBH” on the BNB Smart Chain.

Conor Grogan, the head of product business operations at Coinbase, tweeted that at least 10 people had purchased approximately $1,000 worth of the scam token before the tweet was removed.

Targeted phishing scam nets $438K in crypto and NFTs from hacked Beeple account   May 23, 2022
North Korean hackers stealing NFTs using nearly 500 phishing domains   Dec. 26, 2022
Jump Crypto replenishes funds from $320M Wormhole hack in largest-ever DeFi 'bailout'   Feb. 3, 2022
STEPN impersonators stealing users' seed phrases, warn security experts   April 25, 2022
'Haunts me to this day' — Crypto project hacked for $4M in a hotel lobby   Feb. 7, 2023