If you're interested in this story, like and share; I will release one every day.

Photo proofs:
1. X cancelled the backup account registered with the true email asset.captureapp.xyz/bafybeifbnhn...
2. Blue badge only gets bots: asset.captureapp.xyz/bafybeidpgu7...

Some of my friends told me the yellow checkmark (which costs 5x more than the blue checkmark) can get a 5-hour VIP line. I asked for help from all friends who had the yellow checkmark to escalate. Did that help? I'll share more in the next story.

I tried to tag @Premium @Support @Safety in public and DM @Premium. No answer, but kind of expected—I still repeated every hour. Turns out "priority support" for paid users is just a bot that can choose not to respond.

In the email, X also stated that we may not use a fake identity to deceive others. Great, now the scammer was "authentic" with a "real" identity backed by X. What a joke 😂.

Maybe a backup account can help?
I launched @NumbersP41707 as a lifeboat. Then, the most ironic thing in the whole story happened. X suspended the "real" backup account and sent an email to our official email, hi@numbersprotocol.io, because that account was "inauthentic."

Photo proof of the hacker rocking the X company badge: asset.captureapp.xyz/bafybeif2mal...

Things flipped so fast; stuff I saw one second was gone the next. All I could do was keep grabbing evidence and snapping photos with our ProofSnap App and wrote everything onto blockchain.

My questions were:

* If it was an X employee’s account that got hacked, and X itself was fine: once the account was recovered, @Safety should’ve been alerted and shut down other compromised accounts fast.
* Or, was X itself hacked? That would explain everything.

After about 20 minutes, something even crazier happened. All traces of this employee account with the X badge vanished—poof, gone without a trace. Meanwhile, the hacker kept posting fake meme coin nonsense on the @numbersprotocol account.

That's the wildest part of this whole thing. I couldn’t tell if the attacker hijacked a staff account or somehow got control of X’s badge system to link the company badge on any account. The scammer’s like a raccoon wearing a Rolex. @Support? Still silent.

Twenty minutes into the breach, the scammer pulls off the impossible: sporting an official X-employee badge.
@alypetru’s account backed every scam post with an X badge, making them feel “credible.”

If you are interested in this story, like and share; I will release one every day.

Photo proofs:
1. Email sent by x.com: asset.captureapp.xyz/bafybeiacpfw...
2. Grok's comment about 2FA: asset.captureapp.xyz/bafybeieivm2...

Lesson of Hour 0: Tech is never 100% secure. I’m a tech founder—I use 2FA, inspect headers, and stay alert. But it wasn’t enough. Tomorrow I’ll show how even the X badge system was compromised.

Soon afterwards my co‑founder @tammyyang.bsky.social told me that a community member was asking whether our X account had been hacked. I knew my peaceful Sunday was over.

The reply asked for ‘social proof’, requesting that I provide a Telegram code. Although the email looked legitimate, the behaviour was suspicious. I withheld the Telegram code, and the emails ceased.

Five minutes later I received an official‑looking email from Alyssa Petru—sent and signed by x.com—claiming X had detected an unusual log‑in and asking whether I needed help. As the email signature and header looked legitimate, I replied and shared the log‑in challenge.

It began on a quiet Sunday. I tried logging into @numbersprotocol via Google Sign-in—but instead landed in a strange new account. On the app, settings vanished. Something was wrong.

I panicked a little, yet because the company account had 2FA protection I thought everything would be OK. I was wrong

I hope this never happens to you, but if your account or company is ever hacked, perhaps this series will help.

Hour 0: Min 0 – 2FA, email signatures—are they really safe?

Definitely not X