Elon Musk’s X is rolling out a safety characteristic that may mechanically lock any account that mentions cryptocurrency for the primary time — requiring extra verification earlier than posting resumes — a direct response to a wave of account hijacking campaigns exploiting social belief to advertise rip-off tokens.
Abstract
- X Head of Product Nikita Bier confirmed the auto-lock characteristic, saying it targets the monetary incentive behind crypto phishing assaults on the platform
- The measure follows a surge in account hijacking incidents, together with the April 1 compromise of Predictfully founder Benjamin White’s account, which was used to push rip-off content material and extort $4,000 from the actual proprietor
- Bier estimates the characteristic ought to eradicate 99% of the motivation behind present phishing operations and referred to as out Google for failing to dam phishing emails on the Gmail stage
The auto-lock triggers on an account’s first-ever cryptocurrency-related submit. As soon as triggered, the account is locked, and the person should full verification earlier than regaining entry. Bier described it as concentrating on the core assault vector: hackers acquire account entry via phishing emails, lock out the unique proprietor, and use the account’s established follower belief to advertise fraudulent tokens, pretend giveaways, and memecoins.
“This could kill 99% of the motivation,” Bier wrote in response to a person’s account of how they misplaced management of their profile to a phishing assault disguised as a copyright violation discover. The attacker had used a pixel-perfect pretend login web page to reap the person’s credentials and two-factor authentication codes earlier than locking them out and starting rip-off promotion.
What This Targets
Crypto-linked account hijacking on X has been a documented and protracted drawback for the reason that platform’s days as Twitter. The auto-lock builds on earlier platform efforts to eradicate mention-spam campaigns and coordinated account habits utilized in crypto promotions. Lengthy-term customers who’ve by no means posted about cryptocurrency will face verification on their first such submit, whereas legit accounts, Bier indicated, can regain entry rapidly via the method.
Bier additionally publicly criticized Google for permitting phishing emails to succeed in customers via Gmail. “Google isn’t doing shit to cease the phishing,” he wrote — framing the auto-lock as a platform-level workaround to a vulnerability upstream that X can’t straight management.
The U.S. Federal Commerce Fee has documented how social media crypto scams have surged right into a multi-billion greenback drawback, with victims typically unable to get better funds given the irreversibility of on-chain transfers. This structural actuality is what makes hijacked accounts with established follower belief so beneficial to attackers — and what the auto-lock straight targets by severing the hyperlink between account entry and rapid monetization by way of crypto promotion.
Limitations
Critics have flagged that the measure solely intervenes after an account has already been compromised by way of phishing. If e-mail suppliers don’t higher filter phishing emails upstream, the assault chain stays intact. The characteristic might additionally create friction for legit first-time crypto posts from established accounts, although Bier indicated the verification course of shall be temporary for real customers.
As broader crypto hack and phishing losses have proven enchancment in current months — with February 2026 recording the bottom month-to-month complete since March 2025 — the $285 million Drift Protocol exploit this week is a pointy reminder that headline threat stays excessive. X’s new characteristic addresses one particular and high-volume assault vector inside a a lot bigger ecosystem of crypto-linked fraud.
