On October 22, 2025, hackers infiltrated the official X account of the Cosmos-based stablecoin platform Noble, posting promotional information about a nonexistent NOBLE token on the Binance Smart Chain and Solana, along with a phishing link. Noble founder Jelena Noble and an intern quickly warned users to avoid participating through their personal accounts.
Noble X account hacked 24 hours attack and defense full record
According to the Scam Sniffer alert, Noble's official X account has been hacked and phishing tweets have been posted. The attack occurred on October 22, and after taking over the account, the hacker immediately released false $NOBLE token promotion information, claiming that the token would launch on the Binance Smart Chain and Solana. This strategy is highly misleading as it exploits Noble's reputation as a Cosmos ecosystem stablecoin platform, while issuing the token on a competitor's blockchain.
The phishing link released by hackers is cleverly designed to mimic the official Token issuance page, attempting to lure users into connecting their wallets and authorizing transactions. Once users approve the authorization, the hackers can transfer assets from the victims' wallets. This type of social engineering attack exploits users' trust in official accounts and their FOMO (fear of missing out) regarding new Token issuances.
Noble founder Jelena Noble and an intern quickly noticed the anomaly and issued a warning through their personal accounts. Jelena Noble clearly stated on her personal Twitter: “Our official account has been hacked, any information regarding the $NOBLE token issuance is false. Please do not click on any links or connect your wallet.” The intern also actively spread the warning message in the community, trying to prevent more users from falling victim before the damage escalated.
The crypto community quickly identified some contradictions in the project. The most obvious doubt is why Noble, as a native project of the Cosmos ecosystem, would choose to issue tokens on the Binance Smart Chain and Solana? This is completely inconsistent with its usual technical route. Furthermore, Noble has never publicly stated any plans to issue governance tokens, and the sudden token announcement itself is filled with suspicion.
By October 23, the Noble team successfully regained control of the X account and issued an official statement confirming that the incident has been resolved. The statement emphasized: “We have regained control of the account and are working with the X platform to investigate this security incident. We strongly recommend that all users enable two-factor authentication and remain highly vigilant regarding any Token issuance announcements.”
Why the stablecoin platform invested by Paradigm couldn't prevent Twitter from being hacked
(Source: Noble)
The stablecoin project Noble, invested by Paradigm, allegedly had its official Twitter account hacked and published a fake Dogecoin contract. This raises a critical question: why do these projects, valued at hundreds of millions of dollars, seem to be so “unconcerned” about their Twitter accounts? Noble has already secured top institutional investments, including Paradigm, with a project valuation of at least several hundred million dollars, yet there are vulnerabilities in the most basic social media security.
This incident is not an isolated case. Recently, the number of official X accounts being hacked has been increasing, with both small projects and well-known protocols experiencing similar attacks. The root of the problem lies in the fact that most project teams focus their security efforts on smart contract audits and on-chain asset protection, while neglecting the risks of social media accounts as a “social attack surface.” For hackers, breaching a Twitter account is far less difficult than compromising a blockchain system, yet the damage caused can be equally severe.
Common methods for social media account theft include phishing emails, SIM card swap attacks, and third-party application authorization vulnerabilities. Even if the project party has set a password, if hardware security keys or application authenticators are not enabled, it is still vulnerable to SMS interception attacks. The social media management permissions of many projects are distributed among several team members; as long as one person's account is compromised, hackers can gain control of the official account.
Common Social Media Security Vulnerabilities:
Weak Passwords and Password Reuse: Many team members use the same password across multiple platforms.
Lack of Hardware Security Keys: Relying solely on SMS two-factor authentication is prone to interception.
Excessive Administrator Privileges: Increases the attack surface; if any account is compromised, it could lead to a total breach.
Third-Party Application Authorization: Community management tools may become a springboard for intrusions.
Noble's stablecoin empire and USDN innovation
As of now, Noble has issued stablecoin assets worth over $540 million, continuously injecting liquidity into the Cosmos ecosystem. Just last month, Noble also became the first blockchain to issue the customized stablecoin USDN using the M^0 protocol. Although this recent hacking incident caused reputational damage, it did not affect Noble's core business operations, and all stablecoin assets remain safe.
As the cornerstone of crypto liquidity, the stablecoin market has seen significant development in recent years. According to data from DefiLlama, the total market capitalization of stablecoins has successfully surpassed $210 billion, setting a new historical record, which has also attracted more and more “predators” entering the market, wanting to take a share, with Noble being one of them.
In March 2025, Noble's USDN “Noble Dollar” was officially launched. USDN is a yield-generating stablecoin, currently yielding 4.15%, backed by over-collateralization from U.S. Treasury bonds (102%). This design not only keeps USDN price stable but also provides continuous returns for holders, creating a unique competitive advantage in the stablecoin market.
Noble is a blockchain project under Cosmos and has always been a promoter of digital asset issuance. The company has helped dozens of blockchain projects issue various stablecoin assets, such as Circle's USDC, Ondo's USDY, Hashnote's USYC, and Monerium's EURe. With USDN, Noble has actually become the original asset issuer, rather than just a technology service provider.
Why care about another stablecoin? The design principle of USDN is “composable yield,” which enables applications or aggregators of stablecoins to programmatically control the distribution of yields. This innovation provides DeFi protocols with more flexible capital management options, allowing stablecoin yields to be customized according to different application scenarios.
Three Major Lessons on Community Security for Crypto Projects
The recent hacking incident of the Noble X account has provided valuable security lessons for the entire cryptocurrency industry. Firstly, social media security must be regarded with equal importance as smart contract security. Project teams should establish comprehensive social media security protocols, including hardware security keys, multi-signature approval mechanisms, and regular security audits.
Secondly, a rapid response mechanism is crucial. The Noble team was able to regain account control within 24 hours, largely thanks to the quick reactions of the founders and team members. Establishing clear crisis communication channels to ensure that the community can still be contacted when the official account is compromised is a contingency plan that every project should prepare for.
Thirdly, user education is always important. Even if the official account is hacked, if users can identify the contradictions in the scam (such as the Cosmos project suddenly switching to BSC and Solana), they can avoid losses. Project teams should regularly educate the community on security knowledge and cultivate users' critical thinking.
