Behind Altcoin Tron TRON DAO‘s official X account was seized on May 2 as a result of a sophisticated social engineering attack targeting a member of the team. Immediately after the unauthorized person took over the account, he shared a suspicious smart contract address, sent a large number of DM and started to follow random accounts on the platform. With the recognition of the incident, the Tron DAO management managed to reclaim access to the account, but the hacker continued to send a message and make “promotional” offers over the account. The incident once again revealed the damage to social engineering in the crypto currency world.
How was Tron Dao’s account captured? First claims
Hack attack Firstly, it is reported that he has targeted an employee from the Tron DAO team and has exceeded personal identity steps with convincing scenarios. The user information seized by this method provided directly to the attacker. This “spear type” social engineering technique, which has not yet been fully announced, was carried out through the e -mails and corporate communication channels used by employees in daily workflow.
Tron DAO, immediately after the incident, we never share the contract address from our account, please delete the DMs you received on May 2 ”warning by publishing the community against potential frauds.
Authorities, even after closing the Tron DAO account of Hacker, even after closing the access of @flacadivinaroja and @behisollg X profiles and found that he offered to “share the shipment from the main account”. In Telegram, the US and international law enforcement units continue to reveal the identity of the person who is determined to use @emanabioo pseudonym.
Security measures were raised
Tron Dao spokespersons announced that they had launched a comprehensive internal investigation into the incident and that they were also contacted with the federal authorities. In the first place, measures such as restructuring multi -factor authentication, making social engineering trainings compulsory and limiting critical access points are on the table. The institution aims to increase the awareness of personnel especially against identity hunting scenarios because hackerIt is emphasized that the method used by the method directly aimed at human error.
Sector experts, on the other hand, show that this event should develop more strict procedures against identity hunting and social engineering risks in the crypto currency world.
Although Tron DAO’s rapid intervention ensures the limitation of possible material damage, it may take time to completely eliminate the reputation damage. In the separate examination initiated by the X platform, Hacker’s digital trace is followed with the analysis of suspicious IPs and session times.
Responsibility Rejection: The information contained in this article does not contain investment advice. Investors should be aware that crypto currencies carry high volatility and thus risk and carry out their operations in line with their own research.