CertiK, a prominent crypto auditing firm, faced a recent security breach as its X page fell victim to a hacker attack. The attackers posted a fraudulent Revoke Cash link, redirecting unsuspecting users to a wallet-draining site. This incident stemmed from a vulnerability discovered in the Uniswap Router contract, enabling attackers to manipulate tokens with approval to the Uniswap contract.
The hackers’ strategy involved a deceptive website posing as Revoke.cash, a legitimate tool for managing token approvals. However, Revoke.cash’s official account countered this, asserting that Uniswap itself was not compromised. Speculation arose that CertiK’s X page might have been hacked, as the company had not yet issued a public statement regarding the incident at press time.
This breach follows a prior episode in mid-December 2023 when CertiK’s official website briefly featured a Discord link redirecting users to a fake server embedded with malicious malware. The fraudulent server hosted counterfeit CollabLand bots and malicious software designed to pilfer assets from crypto wallets. Despite community members @PopPunkOnChain and @Burnttoken bringing attention to the discovery, CertiK remained silent on the matter.
Earlier in November 2023, crypto investigator ZachXBT cautioned users about a swarm of bot accounts masquerading as CertiK and Scam Sniffer. These scammers attempted to deceive victims by assuming the identities of reputable entities in the crypto space, signaling a wider network of fraudulent activity.
Powered by Crypto Expert BD
Follow us on Twitter: https://x.com/CryptoExpert_BD
Join our Telegram channel: https://t.me/CryptoExpert_BD
