A fake tweet from Coingecko's hacked X account lured users to click on a malicious link to claim token airdrops.