Followers of Ethereum-based staking protocol Rocket Pool’s X account have over the past 24 hours found themselves caught in a web of confusion. Hackers took control of the account and used it to spread misleading information about a supposed smart contract breach.
From 6.30 UTC on Wednesday, six alarming warnings have surfaced on the Rocket Pool X account, falsely claiming vulnerabilities in their smart contracts. The warnings advised users to migrate their assets to a new smart contract to ensure safety.
Fake Messages Warning Against Bad Actors Flood In
The messages posted intermittently, warned of bad actors exploiting the protocol’s smart contracts and creating a sense of urgency among users to take immediate action.
“Bad actors are performing fake deposit attacks. Migrate to the new contract below to ensure your assets are safe,” one of the messages said.
Several other users on X pointed out the scam attempt. For instance, the popular account Webacy told users that Rocket Pool’s account was compromised.
“The link goes to a drainer. Do not migrate your assets,” one warning from the account said.
Rocket Pool is compromised. The link goes to a drainer.
Do not migrate your assets. If you need to revoke you can revoke using your Webacy Dashboard.https://t.co/aXHZaQQ2Jq pic.twitter.com/5a1fTQv9qK
— Webacy – Safety Never Sleeps (@mywebacy) January 17, 2024
Rocket Pool Issues Warnings Through Other Comms Channels
Rocket Pool itself also warned users via other platforms that hackers had taken over its X account. Many users helped out by spreading the message on X too:
DO NOT CLICK ANY LINKS FROM THIS ACCOUNT! The Rocket Pool Twitter has been compromised
This is a scam https://t.co/yyeSAKCWai pic.twitter.com/t2zU81clfD
— BraveNewDeFi.lens nexusmutant.eth (@BraveDeFi) January 17, 2024
While Rocket Pool worked to counteract the misinformation, users on X (formerly Twitter) continued to be bombarded with fake warnings.
The incident adds to a recent series of high-profile social media hacks. The X crypto community recently witnessed the compromise of the US Securities and Exchange Commission (SEC) account earlier in January.
As of this writing, suspicious messages can still be found on the Rocket Pool X page, almost 24 hours after the first suspicious message was posted.
However, at least one post has been marked with a “community note” telling users the account has been hacked.
Rocket Pool is a decentralized application (dApp) listed as the fifth-largest on Ethereum. The dApp boasts $3.12 billion in total value locked (TVL).
The post Hackers Mislead Rocket Pool X Users with Bogus Contract Breach Claims appeared first on Cryptonews.