Sam Kazemian, founder of Frax Finance, has alleged that an inside job at X was responsible for the hack of the project’s official account.
The breach, which occurred on June 1, led to the decentralized stablecoin protocol behind FRAX USD losing access to its X account.
Frax Finance Hack
In a Telegram post dated June 3, Kazemian mentioned that the Frax Finance team is “reasonably sure” they have identified the perpetrator, described as a “serial scammer” known to blockchain investigator ZachXBT.
“We will try our best to bring that person to justice,” Kazemian asserted. He clarified that the breach was not due to any security flaws or phishing attacks targeting the Frax Finance team. “This was an inside job,” he emphasized.
The incident unfolded on June 1, when the Frax Finance X account was compromised. In an effort to regain control, Kazemian urgently reached out to his followers on X, seeking assistance to contact the platform’s customer service. “If anyone has a direct line to X account/customer service please DM me,” he posted in the aftermath of the hack.
If anyone has a direct line to X account/customer service please DM me, @fraxfinance X account is compromised and appears to be inside job or social engineering within X since no password reset or other issues within Frax itself. Please stay safe and don’t click any X links!
— Sam Kazemian (¤, ¤) (@samkazemian) May 31, 2024
X typically advises users to change their passwords when an account compromise is detected. However, Kazemian claimed that the passwords were not tampered with and that there were no internal security issues within Frax Finance that could have led to the breach. Instead, he pointed to potential social engineering and insider involvement at X.
As of now, the X account of Frax Finance remains active, but no new posts have been visible since the hack. To date, neither X nor its CEO, Elon Musk, has made any official comments addressing the breach.
One X user commented on the situation, emphasizing the need for improved cryptographic authentication features on X to maintain its status as a “home for crypto.”
Insider Bribes Linked to Pump and Dump Scheme
This incident with Frax Finance is the latest in a series of hacks targeting crypto projects, which have allegedly been attributed to insider actions at X. In late May, a crypto trader known as GCR reported a similar compromise of his X account.
“Was notified 2 months ago by someone affiliated with twitter that bribes had been made to get access to my account, and beefed up security then. But there can’t be any security if X employees take money for admin access.” GCR stated.
According to GCR, the attackers took control of his account through bribery and used it to promote a pump-and-dump scheme involving ORDI and LUNA2.
1/ An investigation into how the @sol ($CAT) meme coin team is connected to the @GCRClassic hack from last night.
Minutes before the hack an address tied to them opened $2.3M ORDI & $1M ETHFI longs on Hyperliquid.
Let’s dive in. pic.twitter.com/009BdPBfM1
— ZachXBT (@zachxbt) May 27, 2024
ZachXBT later suggested that the developers behind the Solana-based meme coin CAT might have been involved in that hack. However, it remains to be confirmed whether the same group is behind the attack on Frax Finance.
Binance Free $600 (CryptoPotato Exclusive): Use this link to register a new account and receive $600 exclusive welcome offer on Binance (full details).
LIMITED OFFER 2024 at BYDFi Exchange: Up to $2,888 welcome reward, use this link to register and open a 100 USDT-M position for free!
The post appeared first on CryptoPotato