Root-cause analysis not yet published. The incident description below contains all currently available signal — review the attack transaction directly for definitive forensics.
On July 23, the CoinList Twitter account was hacked. Previously, CoinList tweeted that it would launch native tokens, and then Neon EVM tweeted that the CoinList account was stolen and reminded users not to click on any links. On July 25, CoinList has shut down the malicious website for the scam token sale, and the security team is actively investigating and working with all relevant parties, including Twitter's support staff, to regain control of the CoinList Twitter account. CoinList will notify the community as soon as the fix process is complete, currently CoinList still controls all other official social media channels. Attack method (per SlowMist): Account Compromise. Reported loss: -.
- chain
- —
- protocol
- CoinList
- bug_class
- private-key
- date_occurred
- 2023-07-23
- loss_usd
- —
- source_id
- sm:coinlist::2023-07-23