Decentraland’s X Account Hacked to Scheme Fake MANA Airdrop

The official X account for Decentraland, a virtual reality platform, has been compromised, with hackers promoting a fraudulent MANA token airdrop.

On September 19, PeckShield informed the public via a post on X about the breach of Decentraland’s official account.

Breach Details

The blockchain security firm advised users to refrain from engaging with the account, warning against clicking any links or interacting with its posts. PeckShield also suggested that the cryptocurrency community await further confirmation from Decentraland’s social media channels regarding the restoration of the account’s security.

The attackers apparently disseminated a phishing link masquerading as an airdrop for the platform’s native MANA token to mislead followers.

This link allegedly redirected users to a site where they were asked to claim the airdrop by linking their crypto wallets. However, once connected, users’ funds were at risk, exposing them to potential financial losses.

This phishing scheme, which started early on September 19 at 01:50 a.m. UTC, deceived victims into believing they were participating in a legitimate airdrop.

The malicious post was pinned to Decentraland’s X account, maximizing its visibility. In a sinister move to enhance the scam’s credibility, the attackers disabled comments on the post, absurdly claiming this was to avoid “malicious links.”

Solana Meme Coin Scam

This incident is part of an increasing trend of social media breaches. Just a day earlier, on September 18, several prominent X accounts were hacked, including those belonging to brands and celebrities. The perpetrators used the compromised accounts to promote a scam involving a Solana meme coin called HACKED.

Among the accounts targeted were Lenovo India, film director Oliver Stone, Yahoo News UK, and Brazilian soccer star Neymar Jr. The hackers posted tweets promoting the dubious coin, declaring, “INTRODUCING $HACKED ON SOLANA” and vowing to share the token address on each hacked account to “pump it and generate profits together.”

Blockchain investigator ZachXBT noted that the meme coin’s trading volume was minimal, with the hackers likely obtaining about $8,000 from their actions, despite the extensive reach of the attack.

Data from Dexscreener also showed that HACKED generated merely $279,000 in total trading volume and currently holds a market cap of just $2,600, following a 35% price drop in the hour leading up to this report.

ZachXBT observed that the hackers likely incurred expenses ranging from five to six figures for the operation, which resulted in a financial loss. “A strong candidate for the most incompetent hacker of the year,” the analyst remarked.

He also advised users to regularly review their X account settings and revoke access for any linked applications they no longer utilize, as these apps might serve as entry points for cybercriminals.