A new type of phishing attack has emerged on X platform, using fake applications to obtain authorization and bypass 2FA.

ChainCatcher reported that a recent highly covert phishing attack exploited the X platform's application authorization mechanism, bypassing passwords and two-factor authentication, resulting in several crypto industry accounts being hijacked.

The attacker lured users into authorizing a malicious application named “Calendar” by disguising phishing messages as Google Calendar links. The app actually contained disguised characters and requested full account control permissions. Security experts advise affected users to promptly visit the authorized applications page on X and remove any suspicious “Calendar” applications to prevent further losses.