Users Warned About Fraudulent Contract Addresses and Unsolicited Messages

The team behind TRON, one of the world’s largest blockchain networks, has officially confirmed that its account on social media platform X (formerly Twitter) was compromised on May 2, 2025, following a social engineering attack. The hackers used the breached account to distribute a suspicious smart contract address and send direct messages to followers. The incident highlights the growing threat of social engineering in the cryptocurrency industry and the need for increased vigilance from both users and organizations.

Details of the Breach and Fraudulent Scheme

The attack began at 9:25 A.M. PST, when a hacker gained access to TRON’s official X account and started posting a suspicious smart contract address. Simultaneously, the perpetrator used the compromised account to send direct messages to followers, attempting to expand the scope of the fraud.

TRON DAO later revealed that the attacker had manipulated a team member to gain access to the account. Using the hijacked profile, the scammer promoted a fraudulent contract and actively engaged with users, seeking to involve as many people as possible in their scheme.

“This was a classic example of a social engineering attack, where malicious actors manipulate employees to obtain confidential information or access,” comments Elena Smirnova, a cybersecurity expert in the blockchain industry. “Even the most technically secure systems are vulnerable to the human factor.”

The type of fraud promoted through the hacked account was presumably a classic “rug pull” scheme, where investors are enticed to put funds into a fraudulent smart contract, after which the perpetrators disappear with the collected funds. Such attacks are becoming increasingly sophisticated, exploiting users’ trust in official communication channels of major projects.

TRON’s Response and Incident Investigation

TRON quickly responded to the hack and regained control of its account. The team immediately issued a warning to its users:

“TRON DAO will never post contract addresses or send unsolicited DMs.”

The organization also advised users to disregard any messages received from the official account during the compromise and warned of the need to exercise caution when interacting with any posts or messages allegedly coming from TRON or related projects.

TRON is currently working with law enforcement to investigate the incident. The team has already managed to identify several X and Telegram accounts linked to the attacker, which may help in apprehending those responsible.

TRON founder Justin Sun also publicly called on cryptocurrency exchange OKX to freeze funds associated with the attack and shared the DAO’s security warning with his followers, adding: “Be safe.”

“We are taking this incident very seriously and strengthening our internal security protocols to prevent similar situations in the future,” TRON’s official statement reads. “We also encourage the entire cryptocurrency sector to learn from such incidents and improve their protective measures.”

Social Engineering as a Growing Threat in the Crypto Space

The TRON incident is part of a broader trend of increasing social engineering attacks in the cryptocurrency industry. Over the past year, similar attacks have been recorded against several major projects and exchanges, including a recent incident with Binance and the hack of Solana’s official Telegram channel in March 2025.

Andrei Kovalev, head of security at blockchain consulting company BlockShield, notes: “We’re observing an evolution in attacker tactics. While they previously focused mainly on technical vulnerabilities in smart contracts or infrastructure, they are now increasingly targeting the ‘human layer’ of defense—employees with access to critical resources.”

According to CryptoDefense’s report for the first quarter of 2025, more than 60% of successful attacks on cryptocurrency projects began with social engineering methods, including phishing, pretexting (impersonation), and targeted manipulation of employees.

For cryptocurrency users, experts recommend following several basic security rules:

1. Never trust unexpected messages about lucrative offers, even if they come from official accounts.
2. Always verify smart contract addresses through multiple independent sources.
3. Use hardware wallets for storing significant amounts.
4. Enable two-factor authentication on all accounts.
5. Regularly monitor projects’ official channels for security warnings.

The TRON incident also coincided with Coinbase’s announcement about delisting five tokens on May 16, which led to additional nervousness in the market and created a favorable environment for scammers seeking to take advantage of uncertainty and fear among investors.

As the value of digital assets grows and the industry expands, cybersecurity issues are becoming increasingly critical for the sustainable development of the entire blockchain technology ecosystem. The TRON case serves as another reminder that even the most technologically advanced projects can fall victim to primitive but effective social engineering methods if proper attention is not paid to employee training and the creation of a robust security culture.