Last updated on June 6th, 2026 at 01:30 pm
Supra has confirmed that its official X account was accessed without authorization, leading to the spread of a fake announcement promoting a “$SUPRA token launch on Ethereum” and a phishing-style airdrop campaign. The team has warned users that the post was not made by Josh or any member of the Supra team.
The misleading post encouraged users to connect their wallets to a whitelist website in order to claim tokens after launch. Supra has since clarified that the link and message were fraudulent and urged users not to send funds or interact with any related posts.
Please note that Josh’s X account has been illegitimately accessed.
The post regarding a SUPRA token on Solana is FAKE and was not posted by him.
Please DO NOT send funds to that Solana address, nor engage with any further posts from his account, until further notice.
Josh and…
— Supra (@SUPRA_Labs) June 5, 2026
What happened in the Supra X account hack?
According to the team, the X account belonging to Josh was compromised and used to publish false information about a token launch and a supposed whitelist airdrop. The post directed users to a third-party website asking them to connect wallets, which raised immediate security concerns within the community.
Supra has warned users to avoid engaging with the post, stressing that no official token claim or airdrop of this kind is currently active. The team is actively investigating the breach and working to regain full control of the account. Further updates are expected once the situation is fully resolved.
Why are crypto X account hacks becoming more common?
Account takeovers and phishing campaigns have become a recurring issue in the crypto industry, where attackers use trusted social media accounts to spread fake token launches or airdrops. These scams often rely on urgency and hype to trick users into connecting wallets or sending funds.
Similar incidents have affected projects across the ecosystem, including DeFi protocols, NFT communities, and even major exchanges. In many cases, attackers use compromised accounts to post fake contract addresses or phishing links designed to drain user wallets.
Security experts continue to warn that social media accounts remain one of the weakest points in crypto security. As a result, users are advised to verify announcements through official websites and multiple channels before interacting with any token-related claims or wallet connections.
Meanwhile, Hackers stole $81.7 million from crypto platforms in May 2026, according to new data from security firm PeckShield. This is an 87 per cent drop from April, when losses reached $646.89 million, the highest monthly total so far this year.
Enjoyed this? Bookmark DeFi Planet, explore related topics, and follow us on Twitter, LinkedIn, Facebook, Instagram, Threads and CoinMarketCap Community for seamless access to high-quality industry insights
Take control of your crypto portfolio with DEFI PLANET PRO, DeFi Planet’s suite of analytics tools.
