Cybercriminals are increasingly making use of advertisements on X, formerly Twitter, to promote websites with malicious codes capable of draining crypto assets from connected wallets, fake airdrops and other scams. These include links to channels on Telegram promoting pump and dump schemes, links to phishing pages.
Since X, like most other social media platforms, shows advertisements based on a user’s interest, not all users might be exposed to ads with scam links. However, the number of advertisements with scams has increased so much that users are leaving community notes to warn others that they are scams or wallet drainers, a report from Bleeping Computer said.
X is not the platform dealing with the problem, in December 2023, reports emerged that a cryptocurrency drainer being promoted on X and Google Search stole $59 million from thousands of victims over the past nine-months.
However, the sheer volume of malicious ads on X has increased rapidly over the past month, with many of the ads containing crypto scams coming from verified users.
(For top technology news of the day, subscribe to our tech newsletter Today’s Cache)
Users on the platform believe that X is turning a blind eye to the malicious ads to bolster its dwindling advertising revenue. By July, last year, Elon Musk shared that the social media platform had lost roughly half of its advertising revenue since he took over the company.
Hijacked verified accounts push crypto scam
Threat actors are also increasingly hijacking verified accounts to push crypto scams. Earlier this month the accounts of Mandiant, an American cybersecurity firm and Google subsidiary, and CertiK a Web3 security company were hijacked to push crypto drainer.
Attackers used the Mandiant’s X account to impersonate a Phantom crypto Wallet and share a cryptocurrency scam. The scam lured users by promising to distribute free crypto coins as part of airdrop. However, when users click on the button to claim the airdrop, they were they would be redirected to a website with malicious script capable of draining users’ crypto wallets.
Cybercriminals used similar tactics after hijacking the X account of blockchain security firm CertiK.
month
Please support quality journalism.
Please support quality journalism.
Credit: Source link
Arabic
Bengali
Chinese (Simplified)
English
French
German
Italian
Japanese
Korean
Portuguese
Russian
Spanish
Vietnamese