Key Takeaways
In September 2025, X, the platform once known as Twitter, revealed something startling. Its Global Government Affairs team announced it had uncovered a bribery network designed to reinstate accounts previously suspended for crypto scams and platform manipulation.
According to the company, intermediaries approached employees with offers on behalf of scammers whose accounts had been banned. While X did not confirm whether any bribes were accepted, the revelations underscored a growing challenge: cybercriminals are willing to go to great lengths — even corrupting insiders — to keep their operations alive.
This case study tells the story of the bribery scandal, situating it within the broader fight against crypto scams. It explains the role of organized crime groups like The Com and outlines the lessons for companies, regulators, and users.
+76
The bribery revelations came during a year already defined by record-breaking losses. By mid-2025, crypto-related phishing scams and fraud had cost users more than $2.1 billion globally.
X, one of the most influential crypto discussion and promotion platforms, had long been a prime target.
In late 2024, the company reported suspending over 335 million abusive accounts, an astonishing figure highlighting the problem’s scale and the scammers’ persistence.
A suspended account is a major setback for scammers. But for platforms like X, suspensions are only meaningful if they stick. The bribery network exposed in September revealed that some scammers were exploring a new path: repurchasing their way in.
On Sept. 19, 2025, X’s Global Government Affairs account posted a blunt statement:
“X has exposed and is taking strong action against a bribery network targeting our platform. Suspended accounts involved in crypto scams and platform manipulation paid middlemen to attempt to bribe employees to reinstate their suspended accounts. Legal proceedings are underway against participants, and we fully support law enforcement. Our commitment to ensuring our platform’s integrity is absolute.”

The statement also stressed two key points:
By naming multiple platforms, X signaled that this was not an isolated issue but part of a broader criminal ecosystem.
While the company did not share full technical details, investigators and cybersecurity analysts described the mechanics of the scheme:
X’s probe linked the bribery scheme to a wider criminal ecosystem known as The Com. Law enforcement has described The Com as an international community of hackers and cybercriminals, responsible for a spectrum of online offenses.
In July 2025, the FBI issued a public warning about one subgroup, Hacker Com, describing it as a technically skilled network engaged in:
Remarkably, the FBI noted that many members are minors, drawn into the community through underground forums and social channels. Rivalries within The Com are fierce; disputes often erupt over stolen funds or reputation, with subgroups even targeting each other.
The common denominator is money, specifically cryptocurrency. Theft, extortion, and scams are often fueled by the goal of amassing digital assets, which can then finance further criminal activity.
To understand why bribery made sense, consider the value of a large social media account.
Paying a bribe is an investment. The scammer regains a valuable asset, while the insider risks detection for a potentially large payout.
In its announcement, X emphasized that:
Notably, X did not say whether any employees had accepted bribes, a silence that leaves questions about how close scammers came to success.
The scandal landed at a sensitive moment. X is preparing to launch X Money, a digital wallet project in partnership with Visa. With regulators already concerned about the company’s role in online finance, the bribery revelations drew sharper scrutiny.
For users, the response was mixed. Many praised the company for exposing the scheme and cooperating with authorities. Others demanded greater transparency and proactive protection against manipulation.

This scandal is instructive because it illustrates the insider threat problem in digital organizations. Most security models focus on external attackers like hackers, malware,and phishing. However, insiders with privileged access can cause equal or greater harm.
Key Points:
The bribery scheme is not an isolated case but part of a larger pattern: the professionalization of online crime. Groups like The Com operate like businesses, with hierarchies, intermediaries, and specialized roles.
The case also reflects the arms race between platforms and criminals:
This cycle is ongoing and shows no signs of slowing.
For X, the bribery scandal is both a challenge and an opportunity. By exposing the scheme, the company has signaled its commitment to integrity. Yet its future ambitions will attract further scrutiny, especially with X Money.
Regulators, investors, and users want assurance that insider corruption cannot undermine financial services.
The scandal also highlights the importance of collaborative defense. Since the same actors targeted multiple platforms, companies may need to coordinate more closely and share intelligence on criminal networks.
The X bribery scandal of 2025 demonstrates how far cybercriminals are willing to go. Unable to bypass suspensions, they tried to repurchase their way in — using cryptocurrency to grease the wheels.
The case underscores three truths:
The lesson is clear for users, regulators, and platforms alike: integrity cannot be assumed; it must be safeguarded at every level.
In September 2025, X revealed it had uncovered a bribery network where middlemen approached employees on behalf of crypto scammers. Their goal was to pay bribes to reinstate accounts previously suspended for scams and platform manipulation. Suspended accounts often have large audiences and established trust. By regaining access, scammers could immediately exploit those accounts to promote fake tokens, phishing schemes, or coordinated spam — making them highly profitable. X linked the scheme to a cybercriminal ecosystem known as “The Com”, which law enforcement agencies have tied to phishing, SIM-swapping, ransomware, and crypto theft. One subgroup, Hacker Com, has been on the FBI’s radar for its role in high-profile cyberattacks. If scammers succeed in regaining banned accounts, users are more likely to be deceived by fraudulent posts. A reinstated account can look legitimate, increasing the risk of losing money to phishing links or fake “investment” opportunities.