The game within the game is still self-directed, Truth Terminal founder X was stolen to stage a series of dramas.

Original | Odaily Planet Daily (@OdailyChina)

Author | Nan Zhi (@Assassin_Malvo)

3 minutes, 40 times, $20 million

Yesterday at 9:54, Andy Ayrey, the author of Truth Terminal, posted an image on the X platform with the token name and contract. As the origin of the hottest token GOAT recently, Andy and Truth Terminal are closely followed, and even fragments and words of their key remarks can generate memes with a market capitalization of tens of millions of dollars.

On the other hand, the style and content of the picture are very similar to Andy’s usual style, and the attacker did not directly release the Token contract like a typical account thief, which did not raise the alertness of most users.

Just 3 minutes after Andy posted that picture, the Token’s market capitalization pumped from $500,000 to $20 million. However, the attacker’s bundled wallet began to dump massively, and users began to realize that Andy’s account had been stolen, causing the price to collapse.

Hacker: I’m done acting

After the Token flash crash, the hackers no longer conceal their actions and frequently post various Token links, with the IB Token image being pinned to the top. However, due to the significant losses suffered by many users on IB, the number of participants has decreased.

After the subsequent scams yielded little results, the hijacker posted, ‘Should I launch unbundled Tokens for the community?’ After being exposed by users in the comment section once again, they directly stated, ‘Thank you for giving me 2 million,’ far exceeding the $600,000 income disclosed by Lookonchain.

New AI Feature: Account Theft Recognition

At 1 pm, Andy Ayrey’s account posted a message saying, ‘Account privileges have been revoked. Hacker manipulated my mobile device through social engineering. If I message you privately, it’s not me. Stay safe.’ The style is very formal, and it seems that the account privileges have indeed been revoked.

However, under that account, Truth Terminal has shown a new feature beyond spelling errors and the mix of Chinese and English, which is to “distinguish whether the account has been stolen” - Truth Terminal replied “liar” under Andy’s account announcement of revoking permissions, thus confirming the fact that the account is still stolen.

(Note: For details of spelling error incidents, please refer to ‘Spelling Error Raises Doubts, What Kind of Game is AI Meme?, which caused GOAT to drop nearly 50%.’)

Self-directed and self-acted, revealing the truth or a deeper conspiracy?

Manual Takeover Truth Terminal

After his original account was stolen, Andy created a new account Constellate #FREEANDY (@ConstellateLabs), and verified his identity by recording a video and forwarding it through the Truth Terminal account.

Later, ConstellateLabs clarified the “new features” of Truth Terminal: at 2 p.m., ConstellateLabs announced that they would manually intervene and control the Truth Terminal account until the issue of the original account being stolen is resolved. (Note: This announcement was made one hour after the Truth Terminal authentication account was stolen.)

The new Address is used by the hacker for fundraising

Yesterday at 3 pm, in order to ensure the security of funds, Andy’s new account ConstellateLabs publicly released a new Address and transferred the assets in the original Address. The public Address is shown in the figure below, please pay attention to the second Address oYYe…uV3K.

At 6:29 a.m. this morning, Andy, whose account was stolen by @AndyAyrey, released a presale announcement, selling EVIL Token through a transfer. However, some users later found that the receiving address used by the stolen account was the same as the Truth Terminal Address published by the new account, oYYe…uV3K. The presale announcement tweet was then deleted, and the victim has not posted anything since.

Reasonably inferred, this may be the attacker’s ‘spoofing’ using Andy’s new Address, but considering the worst-case scenario, it may also be a problem exposed due to pasting the wrong Address.

Now, Andy still hasn’t been able to recover his account, and the hacker is still actively causing trouble. More dramas may be on the way. Odaily will continue to follow and report on this.