Giggle Academy's X Account Compromised

Giggle Academy, an educational platform founded by Binance's Changpeng Zhao (CZ), recently fell victim to a cyberattack that compromised its official X (formerly known as Twitter) account.

The breach allowed attackers to spread misleading information, including a false claim about the appointment of a "new CEO" and phishing links designed to deceive followers.

On 16 November, Zhao confirmed the hack, warning the community not to engage with the compromised account.

Giggle Academy, which offers free online courses for grades 1 to 12, focuses on core subjects as well as emotional intelligence, finance, and blockchain.

The initiative aims to provide accessible education to underserved communities.

Giggle Academy's X Account Restored or Compromised Still?

Following the security breach, CZ and the Giggle Academy team, led by CEO Gigi Broverman, have been actively working to regain control of the compromised account.

Their primary goal is to halt the spread of misinformation once the account is restored.

CZ took to X to warn his followers about the dangers of interacting with content online and specifically addressed the false claims regarding the appointment of a new CEO.

Although Giggle Academy suggests the account has been restored, neither CZ nor Co-Founder Yi He have issued an official confirmation.

The community also questioned the legitimacy of the announcement, asking for confirmation.

This breach has heightened concerns around the platform's security, especially given Giggle Academy's mission to provide educational resources to underserved children and teenagers in low-literacy areas.

Ensuring the platform's protection is now a top priority for the institution.

Crypto Phishing on the Rise

The breach of Giggle Academy highlights the escalating phishing problem within the blockchain industry, which has already seen losses surpassing $800 million this year alone.

This breach not only raises concerns about security but also the reliability of online educational resources, particularly in regions with low literacy rates.

According to blockchain security firm CertiK, the rise in phishing attacks can be attributed to more sophisticated methods such as wallet draining and address poisoning.

In 2024, CertiK recorded 247 phishing incidents, with the first quarter seeing the highest number of attacks at 82 cases.

Despite a slight decline in incidents during Q2 and Q3, the monetary losses continue to rise, with over $433 million stolen in Q2 alone and $343 million in Q3.

Q4 is on track to surpass these figures, despite fewer reported cases.

One key trend is the increasing use of advanced phishing techniques, including wallet-draining methods popularised by Ice Phishing.

These methods now incorporate more powerful tools like Angel Drainer and Pink Drainer, which drain tokens by tricking users into granting token-spending permissions.

Another growing threat is address poisoning, where scammers create fraudulent wallet addresses that mimic legitimate ones.

By sending scam tokens to these fake addresses, they manipulate transaction histories, leading users to unknowingly interact with fraudulent addresses.