Verified Twitter accounts used to promote Elon Musk-themed crypto scams yet again

Malicious actors are hacking verified Twitter accounts to promote Elon Musk-themed crypto scams in yet another attempt to make money from gullible users.

 

The image used in many fake Elon Musk giveaway sites

Verified Twitter accounts are yet again being used to promote fake Elon Musk bitcoin and ethereum giveaways. And it appears that many people have yet again fallen for it.

Cryptocurrency scams have been around for many years, and they’ve been promoted on Twitter for a similar amount of time. Names of famous people, Elon Must in particular, are often used to promote these scams and make them seem more legitimate. These scams can be encountered all the time, and it’s not difficult to find fake Elon Musk Twitter accounts commenting about them on legitimate Elon Musk posts. No matter how obviously fake they are, scammers still manage to trick users, judging from the fact that transfers are made to their crypto wallets

In many cases, crypto scams are promoted via fake Twitter accounts that are made to resemble legitimate famous ones. But malware researcher MalwareHunterTeam started noticing that verified Twitter accounts are being used to promote the scams, which makes them seem much more convincing, allowing scammers to trick more people. Among the hijacked accounts was that of US Representative Kevin McCarthy as well. MalwareHunterTeam has told BleepingComputer that hijacked accounts were mostly dormant ones without recent activity.

Hijacked Twitter account tweets contain the generic “Have you seen this event yet? Elon made me a rich person!” messages and have photoshopped images of Elon Musk’s official Twitter account announcing a crypto giveaway, followed by link to a fake Tesla website. The site displays the classic Elon Musk image that’s always used in these scams and explains that users need to verify their addresses in order to receive free bitcoin. To do that, users need to send from 0.05 to 20 BTC to the displayed wallet address. According to the scam, they would then receive two times the amount the sent.

According to BleepingComputer,who have checked the wallet addresses in landing pages, scammers have made over $580,000 in bitcoin in a mere week.

Twitter is not the only platform on which these fake giveaways are promoted. Scammers also use video sharing platform YouTube to promote crypto scams. The scams are especially easy to find when Elon Musk or SpaceX are doing live stream events, such as when SpaceX live streamed its first crewed Crew Dragon spacecraft launching and docking on the International Space Station. For days afterwards, there were multiple hijacked YouTube channels streaming the event and promoting the crypto scam.

One of many videos using Elon Musk and SpaceX to promote crypto giveaway scams

They are usually quickly taken down but still manage to make some amount of money.

Not the first time verified Twitter accounts are hacked to promote crypto scams

This is certainly not the first time verified Twitter accounts have been hijacked to promote cryptocurrency scams. In one of the biggest cyber security incidents of 2020, 130 high profile Twitter accounts were hijacked to post a bitcoin scam. On July 15, 2020, accounts of prominent people and companies including Elon Musk, Barack Obama, Joe Biden, Bill Gates, Kim Kardashian, Apple, and Uber, started inviting people to take part in a Bitcoin giveaway that would allow them to receive double the amount they send. Around $110,000 in Bitcoin was sent to the scammers’ accounts, which is a surprisingly small amount all things considered.

The perpetrators were able to gain access to Twitter’s administrative tools via social engineering attacks targeting Twitter employees, which subsequently allowed them to post tweets from Twitter accounts. Out of 130 high-profile accounts that were accessed, only 45 tweeted out the giveaway scam, however. Many of the tweets claimed that the giveaway is organized in response to the COVID-19 pandemic.

Giveaway scam promoted via hijacked account of Barack Obama

Three individuals were arrested in connection to the hack the same month. They were charged with wire fraud, money laundering, identify theft and unauthorized computer access.