CoinGecko Faces Brief Compromise as Phishing Scam Targets X Account, Warns Users Against Suspicious Links

cryptonews.com:

Cryptocurrency data aggregator CoinGecko experienced a security breach when their account fell victim to a phishing attack.

During a brief period on January 10, a phishing scam link was posted on their X account, falsely informing users of a CoinGecko token airdrop.

The hackers promoted a new cryptocurrency called GCKO in a fraudulent post, claiming it could be used to pay for API services like the cryptocurrency ANKR. The post included a suspicious link to a token airdrop. CoinGecko acted swiftly to remove the post and alert users to avoid interacting with potentially harmful content.

Our Twitter accounts @CoinGecko and @GeckoTerminal have been compromised. We're taking immediate steps to investigate the situation and secure our accounts.

Please DO NOT click on any links or engage with suspicious content. Your security is our top priority.

We'll keep you…

— CoinGecko (@coingecko) January 10, 2024

CoinGecko further responded by posting a warning on X, stating that their Twitter accounts, CoinGecko and GeckoTerminal, had been compromised. The company took immediate steps to investigate the situation, secure their accounts, and advise users not to click on any links or engage with suspicious content.

UPDATE: We'd like inform you that both our accounts, @CoinGecko and @GeckoTerminal, have been successfully secured.

Despite having 2FA enabled and implementing robust security measures, one of our team members clicked on a fraudulent Calendly link by accident, granting…

— CoinGecko (@coingecko) January 10, 2024

According to CoinGecko, the breach was attributed to a team member inadvertently clicking on a fraudulent Calendly link. This action granted unauthorized access to a hacker, enabling them to post on behalf of CoinGecko.

Des