The vulnerability of the IFTTT autoposting service led to the hacking of crypto influencers in X
Onchain sleuth ZachXBT agreed with the assumption of vulnerability on the part of IFTTT.
On March 21, the accounts of several influential individuals in the crypto industry in X were compromised to promote the PACKY scam token. The hacker probably gained access through the IFTTT automatic posting service (If This then That).
This is not me. Account hacked. Working to get it fixed. Don't click any links from me or (obviously) send money to a random address. pic.twitter.com/yKWnf2Dofd
— Packy McCormick (@packyM) March 21, 2024
One of the victims was Councilor Andreessen Horowitz (a16z) Packy McCormick. In a fraudulent post, the attacker called for investing in a new meme token "with big marketing plans and listings on CEX" by attaching the address of the Solana wallet.
"It's not me. The account has been hacked. We are working to fix this. Do not follow my links and (obviously) do not send money to a random address," McCormick said after restoring access.
Later, a16z advisor suggested that the hacker gained control of the account through IFTTT, to whom he "granted access to Twitter about ten years ago."
McCormick recalled the need to periodically revoke permissions from third-party applications.
IFTTT is a web service launched in 2011 that allows users to set up automated processes on various online platforms and social networks.
Justin Kahn, co-founder of the Twitch streaming platform, faced a similar problem.
Coinbase product director Scott Shapiro was also hacked. On his behalf, the hacker promoted the same PACKY token, which was allegedly launched in collaboration with the exchange's CEO Brian Armstrong.
