Tron DAO has officially confirmed that its primary X (formerly Twitter) account was compromised late Friday evening following a highly targeted social engineering attack against one of its senior communications staff.
In a statement shared early Saturday morning, Tron explained that the attacker impersonated a representative from a prominent blockchain media outlet, convincing a team member to grant access to a third-party scheduling tool. The tool was then used to bypass direct platform logins and post a fake “TRX Anniversary Airdrop” link to over 1.2 million followers.
“The individual behind this breach executed a well-crafted social engineering strategy, including a fake press briefing invitation and forged NDAs,” the Tron team stated. “Once access was obtained, the account was used to spread malicious links that directed users to a phishing site.”
The site, designed to mimic Tron’s official staking dashboard, lured users into connecting their wallets to claim a non-existent airdrop. Several victims have since reported unauthorized withdrawals of $TRX and TRC-20 tokens.
The fraudulent post remained live for just under an hour before the team regained control of the account. Tron has since removed all malicious content and launched a full internal security audit, working with cybersecurity firms to trace stolen funds.
No backend systems, smart contracts, or core infrastructure were affected, the team emphasized. However, the event has sparked renewed concerns over centralized access controls and the risks posed by third-party applications.
Justin Sun, founder of Tron, took to X shortly after the incident was contained, urging users to “never trust sudden airdrop links” and assuring the community that new security protocols, including hardware key requirements, will be implemented across all Tron-managed platforms.
Initial estimates suggest that over $90,000 in user funds may have been stolen, though investigations are ongoing. Users are advised to revoke permissions from any suspicious dApps and remain cautious.
#TronHack #TRXAlert #CryptoSecurity #PhishingAttack #BlockchainNews
