Rocket Pool's X account compromised

The X account of the Ethereum staking protocol Rocket Pool was hacked on Jan. 17, with the exploiter asking users to migrate their assets via a malicious link

Rocket Pool’s hijacker posted a message detailing smart contract vulnerabilities spotted by the supposed team. The post asked users to click on a link to migrate their assets to a version 2 contract to avoid losses.

The Rocket Pool team confirmed the incident on Discord, warning users to avoid interacting with any links posted by the account until further notice

Any possible losses suffered or stolen cryptocurrencies were yet unknown at press time.

Rocket Pool team warns users via DiscordThis year, the exploit is already one of several hacks following attacks on entities like CoinGecko. The cryptocurrency price aggregator reported a breach of its X account on Jan. 10

The United States Securities and Exchange Commission (SEC) account was also compromised on Jan. 9, as hackers posted a false spot Bitcoin ETF approval announcement. SEC Chairman Gary Gensler said no further breaches were identified while Senators demanded clarity. Also, the FBI is reportedly involved in investigations concerning the SEC hack.

Days before the SEC’s security breach, the Twitter account of Polychain Capital CEO Olaf Carlson-Wee was infiltrated by hackers promoting a fake airdrop link. Breaches like these highlight a broader security concern in crypto, as stakeholders are targeted and some protocols are susceptible to attack vectors like sophisticated social engineering.

Moving into a bull run characterized by a defi resurgence and a wave of retail capital spurred by institutional adoption, crypto security may be a pain point for mass adoption.