Hackers Breach TRON DAO’s Official Account with Ingenious Tactics

TRON DAO’s official X account faced a sophisticated social engineering attack on May 2nd, targeting a team member. An unauthorized individual took control of the account and shared a suspicious smart contract address, sent numerous direct messages, and started following random accounts on the platform. Despite TRON DAO management regaining access to the account, the hacker continued sending messages and promoting offers through the account. Initial Breach Details: How TRON DAO’s Account Was Hacked The hack reportedly targeted a TRON DAO employee, manipulating personal authentication processes through convincing scenarios. This method granted the attacker direct administrative access. Although the exact technique remains undisclosed, the spear-phishing social engineering method was executed via emails and corporate communication channels used in daily workflows. TRON DAO promptly issued a warning, “We never share contract addresses from our account, please delete any DMs received on May 2nd,” alerting the community to potential scams. Even after restricting access to TRON DAO’s account, authorities discovered the hacker reaching out to X profiles @flacadivinaroja and @behisollg, offering paid postings from the main account. The individual, identified as using the Telegram pseudonym @EmanAbioo, is under investigation by U.S. and international law enforcement to uncover their identity. Enhancing Security Measures TRON DAO spokespersons announced a comprehensive internal investigation alongside coordinating with federal authorities. Measures considered include restructuring multi-factor authentication, mandating social engineering awareness training, and restricting critical access points. The organization aims to heighten personnel awareness against phishing due to the hacker targeting human error. Industry experts perceive this incident as a wake-up call for cryptocurrency world institutions to develop stricter anti-phishing and social engineering protocols. Although TRON DAO’s swift response limited potential financial damage, repairing reputational harm might take time. On the X platform, separate inquiries focus on analyzing suspicious IPs and session durations to track the hacker’s digital footprint.