Ranking
Categories
Historical Snapshots
Token unlocks
Yield
Trending
Upcoming
Recently Added
Gainers & Losers
Most Visited
Community Sentiment
Chain Ranking
Market Overview
CoinMarketCap 100 Index
Fear and Greed Index
Altcoin Season Index
Bitcoin Dominance
Crypto ETFs
Overall NFT Stats
Upcoming Sales
New Pairs
Trending Pairs
Meme Explorer
Gainers & Losers
Community Votes
Top Traders
Spot
Derivatives
Spot
Derivatives
Feeds
Topics
Lives
Articles
Converter
Newsletter
CMC Labs
Telegram Bot
Advertise
Crypto API
Site Widgets
Airdrops
Diamond Rewards
Learn & Earn
ICO Calendar
Events Calendar
Academy
Research
Videos
Glossary
Immutable AI Labs appears to have been compromised as it was spotted sharing a risky link for its IMMU token airdrop. Web3 security researchers found other instances of compromised social media profiles recently.
Immutable AI Labs had its social media profile compromised, as discovered by Web3 Antivirus. The inquisition came after Immutable AI’s X account was found spreading a fake link for users to check their eligibility ahead of its new IMMU token airdrop.
The risk is still present, as the Immutable AI X account is still not frozen or suspended. The malicious link was still active hours after the initial posting. The fake link uses a spoof ImmutableAI website, with only a slight difference to the real eligibility checker. The hijacked account has also been spreading the phishing link through replies.
Address checkers do not flag the spoof site as risky, and the Web3 Antivirus tool only flags the risk when trying to connect a wallet.
Hijacked social media accounts are one of the main methods of distributing fake token addresses and phishing links. This time, the mixup also included a fully spoofed website. The Web3 Antivirus service marks the address as risky, containing a wallet drainer and a spoofed Ethereum address that looks legitimate.
Immutable AI Labs hijackers advertising fake IMMU token
For Immutable AI Labs, the IMMU token is not mentioned anywhere else on social media, with no detailed conditions on the airdrop. Immutable AI has nothing to do with ImmutableX, which is a separate project that claims to secure AI training models on the blockchain.
The exploit hinged on the passkey creation, which is not immediately visible to the true account owner. For Web3 and other projects, account recoveries must take into account the potential for access through a passkey, which must be revoked.
As tokens gain value and activity increases, phishing links now have more opportunities to hide in various forms. DeFi activity, token sales, NFT mints, or other Web3 activities are all viable options for creating wallet drainers, fake tokens, or Pump.fun rug pulls.
Aerodrome DEX also impersonated through malicious Google ads
The best approach to avoid these traps is to bookmark the legitimate links for most DEX and DeFi services instead of relying on a Google search every time. Some links may need to be double-checked or, as a last resort, tested with a wallet that does not contain significant reserves.
🚨 Security Alert: We've detected phishing ads impersonating Aerodrome on Google! These scam ads could steal your assets if you connect wallet & sign transactions.
🛡️ Safety Tips:
• Skip Google Ads results
• Bookmark trusted sites
• Never rush into signing transactions pic.twitter.com/OkCg3uK4Zy— Scam Sniffer | Web3 Anti-Scam (@realScamSniffer) November 27, 2024
The popularity of the Base blockchain and its ability to reach valuable assets made hackers post a fake ad for Aerodrome, one of its most active DEXs.
This time, the sponsored content was removed almost immediately. The attack against Base shows the chain has established itself as one of the main stores of value. Until recently, scam tracking services noted more than 95% of exploits targeted Ethereum. Base, as a Layer 2, still carries valuable assets, including USDC tokens.
Solana wallet exploits are even riskier since the signed permission cannot be revoked. Once a drainer controls the wallet with a signed permission, that address is forever tainted and not safe to store any assets, even if the user controls their private keys.