TRON X Account Hacked, Scammer Transfers Stolen Funds to OKX Exchange
On May 2, 2025, the official X account of TRON DAO, a prominent blockchain platform, fell victim to a meticulously orchestrated social engineering attack. Unlike breaches stemming from technical flaws, this incident exploited human vulnerabilities, targeting a TRON DAO member to gain unauthorized access to the verified account. The breach shows the persistent threat of phishing scams and the importance of vigilance in the digital space.
Once inside the account, the attacker acted swiftly, posting malicious content, including phishing links and fraudulent contract addresses. Unsuspecting users received direct messages, and the hacker followed new accounts to amplify the scam’s reach. These actions, clear hallmarks of a phishing operation, aimed to deceive TRON’s vast user base, which spans over 275 million account holders and supports a market cap of $23.5 billion. The incident highlighted the allure of TRON’s reputation for malicious actors seeking to exploit its influence.
We’re aware that our X account was compromised from 9:25 AM PST on May 2, 2025. During this time, an unauthorized party published a post containing a contract address (CA), sent direct messages (DMs), and followed various accounts unknown to us.
— TRON DAO (@trondao) May 3, 2025
Please be reminded: TRON DAO will…
Swift Response Mitigates Damage
TRON DAO’s response was immediate and decisive. Upon detecting the breach, the team revoked the intruder’s access and regained control of the account. However, the attacker continued attempts to solicit payments from external users, falsely offering promotional posts from the compromised account.
TRON’s platform team issued urgent warnings, advising the community to disregard any contract addresses or unsolicited messages sent on May 2. They also identified and flagged accounts linked to the attacker, including two on X and one Telegram handle, to curb further harm.
The attacker reportedly used the OKX crypto exchange to funnel the illicit funds they stole, prompting criticism from TRON founder Justin Sun. In a now-deleted X post, Sun called out OKX for its delayed response in freezing the scammer’s account. OKX owner Star Xu responded publicly, emphasizing the exchange’s legal protocols. Xu urged Sun to provide evidence through official channels to enable a temporary freeze, noting that OKX cannot act solely on social media posts or informal requests.
Dear Mr H.E. Justin Sun, OKX has public LE cooperation policy. You can offer some preliminary evidence of the incident through the public reporting channels(https://t.co/PBAP28camy), we will do a temporary urgent freeze according to the evidence. Then you should work with LE… https://t.co/hpAQiyF7SJ
— Star (@star_okx) May 3, 2025
Despite TRON’s rapid recovery, the breach has sparked broader conversations about security. The incident serves as a reminder that even established platforms are not immune to sophisticated scams. TRON DAO has reinforced its guidance, urging users to avoid sharing contract addresses or engaging with unsolicited messages. As investigations continue, the long-term impact on community trust remains uncertain, but TRON’s proactive measures demonstrate a commitment to safeguarding its ecosystem.