TL;DR
-
Hacker Identified: Dogecoin discovers that Patrick, responsible for hacking MyDogeWallet, had already attacked in December.
-
Community Frustration: Salty questions why Patrick’s profile has not been deleted, generating frustration in the community over the hacker’s apparent impunity.
- New Attack and Warning: The hacker used “Delegate Access” in the recent attack on MyDogeWallet. Although he regained control, he is urged to review settings and stronger action is expected from the X team.
The Dogecoin community has shown its bravery by discovering the identity of the person behind the recent hack of the Dogecoin wallet, MyDogeWallet, whose account on the X platform (formerly known as Twitter) was compromised.
This achievement was achieved thanks to the joint efforts of community members, who tracked down the individual behind the attacks.
The person responsible for the hacks was identified as Patrick, Salty, a prominent member of the Dogecoin community, revealed by sharing Patrick’s profile (@manager95439) in a post.
The same "Hacker" did hack mydoge 2 times now and several other websites.
Why has the profile not been deleted by @elonmusk / X after the first incidents?
Seems like the dude is roaming free for several month now without facing any consequences. pic.twitter.com/Gb0W6COXsv
— Still_Salty_624 (@StillSalty624) January 30, 2024
Surprisingly, this hacker had already attacked the MyDogeWallet account in December last year
Additionally, Patrick is also suspected of being behind other hacks, including the account of Ethereum’s Layer-2 scaling protocol, Loopring, in November last year.
Salty expressed frustration by questioning why X’s team had not removed Patrick’s profile since the first hack.
Patrick has apparently been “roaming freely” for several months without facing consequences, according to the community member.
Alex, the Chief Technology Officer (CTO) of MyDogeWallet, confirmed that Patrick’s profile was the hacker’s main account and assured that X’s security team had been notified.
However, as of this writing, Patrick’s account is still active, despite confirmation of his identity.
The recent attack was carried out through the use of “Delegate Access,” a feature added during the first hack that had gone unnoticed until now.
MyDogeWallet reported that they have regained control of the account and removed the hacker’s access.
They also urged users to review the “Delegate Access” section in their X configurations to detect any suspicious activity and avoid possible similar attacks.
The MyDogeWallet team admitted that the hacker managed to access the account through a SIM swap attack during the first hack and revealed that they had not enabled two-factor authentication (2FA), which could have prevented the hack immediately.
Amid uncertainty, the Dogecoin community hopes for stronger action from the X team and raises questions about the security of accounts on the platform.
This incident highlights the importance of constant vigilance and adopting robust security measures to protect users digital assets.
