Gnosis’ X account was compromised and used to circulate a fake link, prompting PeckShield to warn users not to interact with the account or click any links posted from it. The warning centered on @gnosis_, the official Gnosis account on X, after suspicious activity was flagged by a community member.
The active threat is phishing, not a confirmed Gnosis protocol exploit. A compromised project account can be used to push fake airdrops, malicious claim pages, wallet-drainer links or urgent signature prompts while the post still appears to come from a trusted ecosystem handle.
No confirmed stolen-fund amount, attacker wallet, smart-contract exploit or GNO token incident had been disclosed at publication time. The immediate user instruction is to avoid the account’s links and ignore any wallet interaction promoted through the compromised handle.
The fake link is the main exposure point. Users who open phishing pages from a compromised crypto account may be asked to connect a wallet, approve token permissions, sign a message or enter recovery information. Any of those actions can put assets at risk even when the underlying chain, protocol contracts and token remain unaffected.
Crypto account takeovers are especially damaging because attackers can abuse years of project credibility in minutes. A familiar handle, verified badge or old follower base can make a malicious post look legitimate long enough for users to sign transactions or approvals before the project regains control.
The Gnosis warning follows a separate security incident earlier this month, when a Gnosis Pay delay-module hack forced emergency user instructions around EURe and GNO exposure. That incident involved a smart-account module path, while the current Gnosis X compromise centers on social-media access and fake-link distribution.
Gnosis-linked users have already faced multiple security headlines in recent weeks. A separate SquidRouterModule exploit drained 86 Gnosis Safes for about $3 million across Ethereum and Base, showing how third-party modules and Safe integrations can create asset-risk paths even when core infrastructure is not the direct point of failure.
The latest account compromise sits in a different category. It does not show that Gnosis Chain failed, that GNO was exploited or that Gnosis smart contracts were drained. It shows that the official communication layer was abused to push a fake link, which can still create immediate wallet-drainer risk for users who trust the account.
At publication time, the active warning covered the compromised @gnosis_ X account and the fake link posted from it. No recovery confirmation, stolen-fund amount or protocol-level exploit had been announced, leaving the user-facing instruction fixed on avoiding the account’s posts, links and wallet prompts until control is confirmed restored.
The post Gnosis X Account Compromised As Fake Link Triggers PeckShield Warning appeared first on Crypto Adventure.
