Animoca Brands Co-Founder Yat Siu’s Account Hacked to Promote Fake Token
The X account of Animoca Brands co-founder Yat Siu was compromised, leading to the promotion of a fictitious token, as reported by the company. Animoca issued a warning on its social media at 01:36 UTC on Thursday, stating that Siu's account was hacked and that there is no official token or non-fungible token (NFT) being introduced.
The likely method of exploitation was a phishing email masquerading as a communication from X regarding copyright infringement, according to ZachXBT, a crypto exploit investigator. He noted similar attacks over the past month resulted in losses totaling approximately $500,000.
The fraudulent post from Siu's account advertised a token named MOCA on the Solana blockchain. The Moca Foundation, described as a community-owned organization aimed at enhancing Mocaverse’s network effects, has its own Moca Coin (MOCA), identified as an omni-chain network token. Mocaverse serves as an account and ID management system, in which both Animoca and Siu hold stakes.
Mocaverse announced that control of Siu's account has been restored by X, which is verifying ownership. Other related accounts remain unaffected. Animoca Brands confirmed that there are no compromises to its official handles or those of the Moca Network or MOCA Foundation, emphasizing strict security measures.
The perpetrators of the fake MOCA token are linked to the memecoin-creation platform Pump.fun and have launched several NFT collections recently. On-chain data indicates that a specific wallet associated with these activities holds about $67,000 worth of USDC stablecoin, although it is uncertain if this amount stems directly from phishing scams.
Oliver Knight contributed reporting to this story.
UPDATE (Dec. 26, 14:52 UTC): Adds wallet data from Solscan in last paragraph.