Blockchain Security Firm CertiK Suffers Hack in Ironic Breach

7:43 am January 6, 2024

Blockchain security firm CertiK has had its social media handles compromised and used for a phishing campaign.

In an ironic development, the X handle for popular blockchain security company CertiK suffered a compromise in the early hours of Friday. The hacker used the social media handle to post a phishing message referring users to a malicious website.

The post claimed that CertiK had discovered a vulnerability in the Uniswap router and that users were required to revoke access.

However, unsuspecting users who followed the link may have unknowingly connected their wallet to a smart contract that drains their crypto balance.

While CertiK has since regained access to the previously compromised account, the development came as a shock to the cryptocurrency community. Given the company’s role as a blockchain security auditing firm, users expect it to implement the best operational security practices.

Additionally, the firm came under fire in December for posting a fake Discord link on its website. The link also directed visitors to a crypto wallet drainer application and was only removed after the community flagged the malicious address.

CertiK Explains Reason Behind Latest Exploit

Several hours after the latest security breach, CertiK shared an update detailing the reasons behind the incident. According to the company, the exploit was the result of a social engineering attack on one of the company’s employees.

Hackers used a verified but compromised X account to reach out to CertiK to schedule a meeting. However, connecting CertiK’s Twitter handle to the malicious link gave the bad actor the company’s login access.

It took seven minutes for CertiK to detect the hack and another seven minutes to delete the phishing post. Per the update, initial investigations have also been completed and the risks eliminated.

Either way, the latest development reminds crypto users of the value of adopting the best security practices.

Even the most reputable firms can be compromised, and users must acknowledge the possibility and take adequate steps to protect their assets.


Disclaimer: This content is informational and should not be considered financial advice. The views expressed in this article may include the author’s personal opinions and do not reflect The Crypto Basic’s opinion. Readers are encouraged to do thorough research before making any investment decisions. The Crypto Basic is not responsible for any financial losses.
