Nazia Saeed
The official X accounts of Tron DAO and Curve Finance were compromised in a recent wave of high-profile social media hacks, with Tron confirming $45,000 in losses from the attack.
The Tron public relations team confirmed that on May 2, the Tron DAO account posted a contract address and sent direct messages to solicit payments in exchange for promotional advertising on the Tron account. Our security team quickly identified the intrusion and cut off access to the hacker, but we ask the community to continue to be vigilant. We will never ask anyone for payments like this via DM or otherwise, the spokesperson warned.
Based on activity associated with the malicious contract address, the attacker is believed to have collected approximately $45,000 before the breach was halted.
Newsletter
Get weekly updates on the newest crypto stories, case studies and tips right in your mailbox.
Investigation and response underway
Tron DAO stated in a follow-up post that the attack likely stemmed from a malicious social engineering incident targeting a team member. They have since regained full control of the account and are working with law enforcement to further investigate the breach.
Adding to the tension, Tron founder Justin Sun alleged that crypto exchange OKX ignored a law enforcement request to freeze the attacker’s stolen funds. However, OKX CEO Star Xu publicly denied the claim, prompting Sun to delete his original post.
When asked whether the same attacker might be linked to the New York Post’s X account hack on May 3, Tron noted there were “some similarities,” but emphasized that any conclusion would be premature pending a full investigation.
Curve Finance falls victim to similar hack
Just days later, decentralized finance protocol Curve Finance also confirmed its X account had been compromised. On May 5, a now-deleted post promoted a fake CRV token airdrop with a week-long registration window—a move quickly flagged as suspicious by alert users.
Curve founder Michael Egorov responded to confirm the post was fraudulent. Although no other Curve accounts were impacted, the attacker had silently taken over the X account and blocked users, including analyst CrediBULL Crypto, who had flagged the suspicious activity.
Thanks to the efforts of a recovery team that included cybersecurity group SEAL, Curve successfully regained control of its account. The method of the attack remains unclear, but the team reported no indication of a client-side compromise.
A trend of high-profile social media breaches
These incidents are part of a growing pattern of security breaches targeting prominent X accounts in the crypto and political spaces.
- On April 15, UK Member of Parliament Lucy Powell’s account was hijacked to promote a scam token dubbed “House of Commons Coin (HOC).”
- On March 15, crypto data platform Kaito AI and its founder Yu Hu were targeted by scammers who falsely claimed users’ wallets had been compromised.
As the list of hacked accounts grows, these incidents underscore the urgent need for enhanced security protocols and greater vigilance across social platforms.
