A third-party auto-posting service — known as IFTTT (If This Then That) — has been blamed for a new flood of scam posts on X, which encouraged potential victims to send Solana (SOL) to a wallet address for a meme token called “$PACKY.”
On March 21, the X accounts of crypto influencers such as a16z adviser Packy McCormick, Coinbase product director Scott Shapiro, Twitch co-founder Justin Kan, and others had their accounts co-piloted by scammers promoting the spurious token.
McCormick said “This is not me. Account hacked. Working to get it fixed. Don’t click any links from me or (obviously) send money to a random address.”
This followed a malicious post on the account stating, “I’ve created my own memecoin PACKY with big marketing plans and CEX listings," followed by a Solana wallet address.
Shortly after, McCormick said: “Looks like the hacker got in through IFTTT (If This Then That), which I gave access to Twitter like a decade ago,” before adding that it should be fixed now and reminding X users to revoke connected apps.
IFTTT is a web-based service launched in 2011 that allows users to create automated workflows between different internet-based applications and services.
Blockchain sleuth ZachXBT came to the same conclusion, noting after sharing a similar from the X account of Twitch co-founder Justin Kan who later confirmed, “Looks like I was hacked, don’t buy any shitcoins pls.”
Coinbase product director Scott Shapiro was also hacked with a malicious message claiming that he had collaborated with CEO Brian Armstrong to launch the PACKY token.
Shapiro cautioned over connecting older third-party apps:
“Is there anything that says Web 2.0 more than this list of connected apps? Frightening how many decade-old auth tokens are among these graveyards. **Revoke All**”
Related: Scammers steal nearly $1M after hijacking 8+ prominent Crypto Twitter accounts
The hacker had also infiltrated the X accounts of the co-founder of Web3 explorer app Rainbow, Mike Demarais, founder and CEO of Asymmetric Finance Joe McCann, and digital pop artist Bryan Brinkman.
Brinkman apologized for the scam posts confirming that his IFTTT account was breached, which had his X linked as a connected app.
“If you sent money to that scam address please reach out to me, and I will figure out a way to make it right. The lesson I learned here was even with 2FA and Yubikey, there's always vulnerabilities, stay safe,” he added.
Cointelegraph reached out to IFTTT for comment but did not receive an immediate response.
X has been a hotbed of illicit activity, scams, and hacking. Even the SEC’s official account was compromised the day before the regulator approved spot Bitcoin ETFs in January.
Magazine: Why boomers ‘like’ AI pics on Facebook, mind-reading AI breakthrough: AI Eye
