CertiK’s account with over 340k followers has apparently posted a malicious link, urging followers to use it to safeguard from a cyber incident.
A crypto auditor CertiK has become the latest victim of a hacker attack, posting on its X page a fake Revoke Cash link, redirecting users to a wallet drainer. In a now-deleted post, CertiK alerted users about a vulnerability in the Uniswap Router contract, which “was allowing attackers to move anyone’s tokens if approved to the Uniswap contract.”
In an attempt to attract victims, hackers included a link to a deceptive website posing as Revoke.cash, an online tool for managing token approvals.
Revoke.cash’s official X account refuted the statement, suggesting that CertiK’s X page may have been hacked, as Uniswap “is not compromised.” As of press time, CertiK has not issued a public statement on the matter.
In mid-December 2023, crypto.news reported that CertiK’s official website also temporarily featured a Discord link, which redirected users to a fake server with malicious malware. According to blockchain community members @PopPunkOnChain and @Burnttoken, who brought attention to the discovery, the fraudulent server hosted a counterfeit CollabLand bot and malicious software designed to steal assets from crypto wallets. However, CertiK made no public comments since then about the incident.
In November 2023, crypto sleuth ZachXBT warned users about a “large network of bot accounts” that impersonated crypto detectives on X. According to multiple reports, scammers tried to trick victims by pretending to be CertiK and Scam Sniffer.