Giggle Academy, an educational initiative founded by Binance founder Changpeng Zhao, fell victim to a cyberattack, resulting in the official X (formerly Twitter) account being compromised. As a result, fraudulent links and false information were spread.
This incident occurred in the context of the young industry facing phishing attacks, one of the causes of significant damage to users.
Giggle Academy Hack Reinforces Growing Phishing Threat
On November 16, Zhao confirm a security vulnerability on Giggle Academy’s X account and advises the community not to interact with the compromised account. The attacker falsely claimed that a “new CEO” had been appointed and shared phishing links to lure victims into checking this fake announcement.
Giggle Academy offers free online courses, from Layer-1 to Grade 12, focusing on core subjects and additional topics such as emotional intelligence, finance and blockchain. The organization’s mission is to support marginalized communities with accessible education.
The Giggle Academy hack highlights the growing problem of fraud in the blockchain industry. This year alone, losses from scams have surpassed $800 million. Blockchain security firm CertiK attributes this increase to increasingly sophisticated techniques such as wallet draining and address poisoning.
CertiK data revealed 247 phishing incidents were recorded in 2024. The first quarter recorded the highest number of attacks, with 82 cases, while the second and third quarters recorded 67 and 65 incidents, respectively. The fourth quarter recorded 33 cases, although it is only half way through.
Although the first quarter had the highest number of attacks, the second quarter led in total losses, with more than $433 million stolen. Losses in the third quarter reached 343 million USD, while the first quarter accounted for 67 million USD. Despite fewer incidents in the fourth quarter so far, the financial impact is expected to surpass the year-earlier numbers.
CertiK highlights a shift in phishing methods, with hackers increasingly using advanced tools. Wallet draining techniques, initially popularized by Ice Phishing, are becoming more powerful. In these scams, users are tricked into granting permission to spend Tokens to evildoers.
Modern variations combine these methods with additional drainers, such as Angel Drainer and Pink Drainer. Angel Drainer’s recent acquisition of Inferno Drainer demonstrates the proliferation of these tools in phishing campaigns.
Another emerging threat is address poisoning, where scammers create fake wallet addresses that look like legitimate addresses. They then send fraudulent Tokens to victims, hoping to manipulate transaction history. When users try to interact with a familiar address, they may accidentally transact with a fake address.