KOL Jadoodoo's X Account Hacked, Phishing Links Sent to Followers
Severity: Medium (Score: 51.8)
Sources: Panewslab, Chaincatcher
Published: · Updated:
Keywords: account, hacked, phishing, links, goplus, crypto, jadoodoo
Summary
On June 1, 2026, GoPlus issued a security alert regarding the hacking of the X account of Korean streamer Liangxi (@jadoodoo_), a known KOL in contract-based live streaming. The compromised account is sending phishing links to fans, masquerading as collaboration opportunities. Several KOLs have already fallen victim to this attack, with estimated losses totaling around $5,000. Users are strongly advised not to click on any links related to wallet connections or to download any suspicious software. The attack highlights the ongoing risks associated with social media accounts in the cryptocurrency space, particularly for influencers. The situation is still developing as more victims may emerge. Key Points: • KOL Jadoodoo's X account was hacked, sending phishing links to followers. • Estimated losses from the attack are around $5,000, affecting several KOLs. • Users are warned against clicking on links or downloading software from the compromised account.
Detailed Analysis
**Impact** The hacked X account belongs to Korean crypto KOL Liangxi (@jadoodoo_), a contract-based live streamer. Phishing links were sent to her followers, resulting in several KOL victims and estimated financial losses of approximately $5,000. The incident affects the crypto community and followers primarily in Korea, with potential reputational damage to the influencer and associated platforms. **Technical Details** The attack involved unauthorized access to the X account, which was then used to distribute phishing links disguised as collaboration offers. The phishing aimed to steal wallet credentials or deliver malware. No specific malware, CVEs, or infrastructure details were provided. The attack corresponds to the delivery and exploitation stages of the kill chain. **Recommended Response** Defenders should block and monitor all links originating from the compromised account and educate users not to click on suspicious links or connect wallets via unknown sources. Account holders should enforce multi-factor authentication and review account access logs. No patch or specific detection signatures were mentioned; monitoring for similar phishing campaigns is advised.
Source articles (2)
- GoPlus: Crypto KOL Jadoodoo's X account was hacked and phishing links were sent to his ... — Panewslab · 2026-06-01
PANews reported on June 1st that GoPlus issued a security alert stating that the X account of Korean streamer Liangxi (@jadoodoo_), a KOL known for her contract-based live streaming, has been hacked a… - The X account of crypto KOL Jadoodoo has been hacked, and phishing links are being sent ... — Chaincatcher · 2026-06-01
GoPlus issued a security alert stating that the Korean version of Liangxi, contract live broadcast KOL Xibajie @jadoodoo_'s X account has been hacked, and is crazily sending phishing links to fans und…
Timeline
- 2026-06-01 — GoPlus issues security alert: GoPlus confirmed that the X account of KOL Jadoodoo was hacked, leading to phishing attempts targeting fans.
- 2026-06-01 — Phishing links reported: The hacked account is sending phishing links under the guise of collaborations, prompting warnings to users.
Related entities
- Phishing (Attack Type)
- T1566.002 - Spearphishing Link (Mitre Attack)
- X (Company)