New Twitter Scam Involves Hacking Verified Accounts To Post Fake NFT Links

A new Twitter scam involving NFT thieves is gaining ground, so beware.

Twitter NFT Profile Picture Releases to Twitter Blue Subscribers | How it Works
This picture taken in Moscow on October 12, 2021 shows the logo of US social network Twitter on a smartphone screen. KIRILL KUDRYAVTSEV/AFP via Getty Images

TheNextWeb reports that many hackers are taking over several verified accounts on the platform (the ones with the blue checkmark), all to post malicious links targeting the Moonbirds NFT project.

The NFT project, as per the report, has raked in over $290 million in sales across platforms like Looksrare and OpenSea. In order to steal, the hackers hijack a verified Twitter account, tweet out a malicious link. This link is made to trick people into thinking they're going to get a Moonbirds NFT, they're just sending their crypto payments straight into the hackers' wallets.

So far, at least 10 verified Twitter accounts have been hacked, and they're all pretty big names. The list includes former RuPaul's Drag Race Pangina Heals, Dahlia Sin, and Lady Camden, Levi Sanders (the son of Sen. Bernie Sanders), and even Indian and Argentinian politicians, among others.

It is also worth noting that this kind of Twitter scam has been going on for a while now, and the hackers are making an absolute mint off it.

One similar phishing hack also involved verified accounts that were stealing NFT assets from Bored Ape Yacht Club (BYAC) and Mutant Ape Yacht Club (MAYC). According to a report by Cryptonary, the scammers managed to steal NFTs from an individual BAYC and MAYC owner worth over $500,000, by virtue of scammy links.

The attack, as per Twitter user zachxbt (known for watching out for crypto scams), was more or less like a lamp post to fireflies as soon as it was launched. In a tweet, he mentioned that the Moonbirds NFT was the target of a cyberattack called a Sybil at launch.

A Sybil attack involves a single person creating so many digital wallets so they can be on the allowlist. This strategy enables the person to win 50 slots, which could have led to them earning a lot of money by selling the NFTs elsewhere.

How To Avoid The New Twitter Scam

Avoiding this new scam involving NFT trading is pretty simple: don't fall easily for links that look suspicious. This could be tough if the one sharing the links is a verified account, which the hackers want exactly. They want to trick you into thinking that the link is genuine when it is not.

This is a perfect example of a phishing attack, and is just the latest in 2022's list of NFT and crypto-based scams. As for Twitter being used as a staging ground, it remains to be seen how the social media giant aims to stop their platform from being used in this kind of way.

Twitter
Twitter Unsplash/Jeremy Bezanger

According to TheBlockCrypto, there's no clear rule in the company's Misleading & Deceptive Identities Policy that states how these scammers should be punished. The only thing that could be close enough is Twitter's Spam policy, which says that any account found spamming content could lead to its suspension.

But while this could stop the spam, it doesn't clearly target the hackers themselves-only, the owner of the hijacked account. This then leaves so many more accounts vulnerable because the scammers are basically going unpunished.

This article is owned by Tech Times

Written by RJ Pierce

ⓒ 2024 TECHTIMES.com All rights reserved. Do not reproduce without permission.
Join the Discussion
Real Time Analytics