CertiK Twitter account hijacked by cryptocurrency scammer posing as Forbes journalist

CertiK Twitter account hijacked by cryptocurrency scammer posing as Forbes journalist

Web3 security outfit CertiK has fallen foul of scammers, who managed to hijack its Twitter account to share a malicious link to a fake version of the Revoke.cash project.

WARNING: Our team has found the Uniswap Router contract to be vulnerable to a reentrancy exploit, allowing attackers to move anyone’s tokens if approved to the Uniswap contract.

Use @RevokeCash in order to revoke any vulnerable approvals.

[LINK]

Certik tweet scam

Security-auditing company CertiK, which boasts over 340,000 followers on its main Twitter account, posted a warning that its tweets should not currently be trusted.

Certik tweet

#CertiKSkynetAlert

We are currently investigating a compromise of our X account @CertiK

Do not interact with any posts until we have confirmed the account is secure

The Revoke.cash project also warned about the compromise of CertiK’s account, and directed followers to a thread from last November about the “insane” number of impersonation websites and Twitter accounts it ahd seen masquerading as itself in an attempt to drain cryptocurrency investors’ wallets.

In a later tweet, CertiK shared details of what it believed had happened.

Certik explains

CertiK claimed that one of its employees had been contacted by a Twitter DM by someone posing as reporter with Forbes, asking if they wished to participate in an interview.

Certik forbes dm

A scam link was then shared which went to a bogus version of the Calendly service, which – in order to schedule a meeting – prompted the user to link their Twitter account.

Sign up to our free newsletter.
Security news, advice, and tips.

Fortunately, CertiK realised its mistake within minutes, deleted the tweets made by the scammers, and secured their account.

What’s worth noting is that CertiK’s Twitter account has a gold checkmark, indicating that it is an official organisation or company.

Gold checkmarks are generally considered more trustworthy than blue checkmarks these days, which Elon Musk is happy to sell to any scammer or Tom, Dick, or Nazi who is prepared to cough up a few dollars per month (or use a stolen credit card).

Researchers at CloudSEK recently issued a report about the black market which has emerged offering compromised gold Twitter accounts for around $2,000.

As the report describes, hackers are also compromising dormant accounts, locking out their legitimate owners, and subscribing to a gold checkmark for 30 days in order to sell the accounts to others.

CertiK wasn’t the only tech firm to be struggling with the ownership of its Twitter account in recent days. At around the same time as the CertiK account was hijacked, hackers seized control of cybersecurity giant Mandiant’s account – in order to point followers towards another wallet-draining scam website.


Graham Cluley is an award-winning keynote speaker who has given presentations around the world about cybersecurity, hackers, and online privacy. A veteran of the computer security industry since the early 1990s, he wrote the first ever version of Dr Solomon's Anti-Virus Toolkit for Windows, makes regular media appearances, and is the co-host of the popular "Smashing Security" podcast. Follow him on Twitter, Mastodon, Threads, Bluesky, or drop him an email.

What do you think? Leave a comment

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.