QUADRIGA INITIATIVE
CRYPTO WATCHDOG & FRAUD RECOVERY PLATFORM
A COMMUNITY-BASED, NOT-FOR-PROFIT
UNKNOWN
DECEMBER 2024
GLOBAL
ANIMOCA BRANDS
DESCRIPTION OF EVENTS

Animoca Brands focuses on driving digital property rights to build an open metaverse, with various products, research, and initiatives aimed at advancing Web3 technologies. Their vision includes the critical role of culture and ownership in the metaverse, highlighted in their essays on digital ownership and the network effects of the Mocaverse ecosystem. Recent announcements include the success of the Hong Kong-based Web3 game Anichess, and the launch of the EDU Chain mainnet by Open Campus. Animoca also continues to release coverage on blockchain gaming, stablecoins, and the influence of figures like Donald Trump in the crypto space.
"@elonmusk @Support everyone here relies deeply on keeping X as secure as possible & I had my account compromised despite having 2FA security installed what I thought were best practices. Here are my recommendations to prevent this which involves some suggestions for X." "Hacker knew my password, don't know how but assume that breach vector should be secure as I was 2FA secured. He went to https://help.x.com/en/forms/account-access/regain-access/2fa-problem and used my original ID @ysiu and used an e-mail address that was not the registered e-mail address of the account!"
"I simulated this over two accounts and recreated this same scenario and received this on the new email which requires me to confirm logging in over your platform which sends a notification to you that the "owner" requested to login (note it does not verify any further)"
"Most importantly (and easy for X to fix) the actual email address that was registered (I tested this) and the actual owner of the handle received NO NOTIFICATION that there was a 2FA change request made, also no notification over SMS. This feature alone would have probably prevented this particular hack."
"Continuing on, it then asked me on the email (assume that this would be the fake user attempting to get my 2FA account) for more verification as it could not verify that I was the actual account owner the following as attached, including a copy of a valid government issued ID. If this was sent over they can review and process the report."
"All of this is happening while the actual e-mail account or mobile number which was also registered received no notification of any of these requests happening. Something like "did you request to submit a government issued ID?". Now all the hacker needed was a valid ID."
"Valid or even FAKE IDs are fairly easy to get but in my particular case I was phished for one similar to how https://x.com/zachxbt/status/1871543411695599902 describes it but I never input my 2FA instead I was requested to submit my ID to verify my appeal. I was unable to recreate the form as the site no longer creates it at but it was a form that included adding a valid Government ID just as X would request it."
"Once the hacker got my 2FA removed he instantly installed his own 2FA in a fast series of actions while also changing my password all within a minute as can be seen here while also delegating to another account @BrandyMokkdokk which you should seriously investigate as well although its clearly just a dummy account."
"There were of course many things that I should have caught before, such as verifying the URL the lesson here is not to click on these links on a mobile as they get easily obfuscated or do it first thing in the morning or to not handle anything on Christmas Day/Boxing Day because these are prime days for fraud however these strategies are all intentional to try to catch you when you are least aware or perhaps more vulnerable (eg. after a big meal, or late night typically during an assumed celebration such as a holiday event like this one). The point however is that a simple e-mail that would tell you as an SMS and over e-mail that these requests are being attempted would have helped solve it and make it more secure."
"For everyone else out there, from my lesson 2FA security on twitter (does not matter if its a security key) is not secure enough at this moment. Once your account is compromised 2FA can be turned off just by knowing your password. Access to your account settings is NOT 2FA secured (I verified this) and in any event if X removes 2FA based on someone sending an ID impersonating you, you're out of luck. Which means keeping password hygiene remains the most effective method of protecting for the time being i.e. keep changing every month or even every week if you're particularly paranoid."
"Having 2FA may give a false sense of security in that you feel you can be more relaxed because of it which is of course not true. 2FA is just another security layer and you cannot become more relaxed in other areas of security because of it (eg. changing passwords less frequently)"
"Unfortunately @ysiu social media account has been compromised. There is no official token or NFT launch from Animoca Brands. The token launch on Solana as claimed in a post was made by the hacker. Please DO NOT engage with the account and stay vigilant. We will provide an update when the account is restored."
"I want to thank everyone who helped me in this, the great @animocabrands @Moca_Network community, of course the special team at X who helped secure and lock the account (I still don't have access to @ysiu yet) and special shoutout to @9GAG @lucanetz @tylerdurden88 @yusufg amongst many others to help in this in various ways. Web3 is for all of us and we need to work together to make this a safer space for all which is a big part of our vision on making MOCA ID the trust layer of the future internet!"
Animoca Brands focuses on advancing Web3 technologies to build an open metaverse with a strong emphasis on digital property rights and ownership. Recently, co-founder Yat Siu’s X account was hacked to promote a fake $MOCA token. Animoca Brands warned the public about the scam and Yat Siu ultimately restored the account. Siu shared details of how the hacker bypassed 2FA security by exploiting a vulnerability in X’s account recovery process. Despite having strong security measures in place, the breach demonstrated the need for additional safeguards. Siu emphasized the importance of password hygiene and warned that 2FA alone is not enough to prevent account compromise.
Animoca Brands - "Unfortunately @ysiu social media account has been compromised. There is no official token or NFT launch from Animoca Brands. The token launch on Solana as claimed in a post was made by the hacker. Please DO NOT engage with the ac...itter (Jan 30)
Yat Sui - "It's good to be back thank you everyone for your support! For those who want to know the full story on how to safeguard your account on X better see my thread at" - Twitter (Jan 30)
Yat Sui - "I had my account compromised despite having 2FA security installed what I thought were best practices." - Twitter (Jan 30)
Yat Siu X account breach likely part of a string of recent hacks: ZachXBT (Jan 30)
@Harrisbigboy89 Twitter (Jan 30)
@moonknight1o1 Twitter (Jan 30)
@niutonapple Twitter (Jan 30)
@Jackiesmith9053 Twitter (Jan 30)
@lmaoez11000 Twitter (Jan 30)
@zachxbt Twitter (Jan 30)
@CoinDesk Twitter (Jan 30)
@The_8lyxium Twitter (Jan 30)
Yat Siu - "Yes that was the same or similar scam but he never got access to my 2FA (posting from my alter Account) but instead used an ID to impersonate me and then reset 2FA to their devices. @ysiu is locked now and secured although I do not have...itter (Jan 30)
@Jetlag_747 Twitter (Jan 30)
@Procholin Twitter (Jan 30)
@ArtCatDAO Twitter (Jan 30)
@animocabrands Twitter (Jan 30)
Animoca Brands (Jan 30)
Yat Siu - Wikipedia (Jan 30)
