Twitter users flooded the medium with warnings on June 2 after Mira Murati’s account was hacked, as reported by Cointelegraph. Murati is the chief technology officer of OpenAI, the artificial intelligence company behind ChatGPT.
Fraudulent airdrop
After the account was hacked, the perpetrator starting hawking a fraudulent cryptocurrency airdrop. Murati’s account tweeted a seemingly malicious link to an airdrop of the token OPENAI, supposedly compatible with ERC-20.
Murati’s Twitter account is verified and has 126,200 followers. The post was up for about an hour before it was deleted. In this time, it got almost 80,000 views and even dozens of retweets.
Users who picked up on the scam couldn’t alert anyone else because the author of the tweet had restricted who could reply to it.
A SIM swap or a hacked wallet?
According to some members of Crypto Twitter, Murati fell victim to a SIM-swapping attack. This is where the hacker convinces a mobile carrier to transfer a victim’s phone number to a new SIM card under their control. They use this control to reset passwords and gain access to cryptocurrency accounts.
The link in the tweet was to a sophisticatedly developed website, whose design and layout was very similar to that of ChainGPT, a legitimate project, with some minor differences. The main one was a prompt to link a crypto wallet. Hackers exploit crypto wallet vulnerabilities to gain unauthorized access and steal funds.
According to an employee of Beosin, a blockchain security company, the scam site applied a crypto wallet “draining kit” that tricked people into signing requests. Once they did that, the cybercriminal transferred ERC-20 tokens and NFTs out of the victim’s wallet, the expert added.
Most common crypto hacks
The most common types of crypto scams are phishing attacks, rug pulls, Ponzi schemes, malware, keylogging, smart contract exploits, social engineering attacks, and so-called 51% attacks.
Hackers use malicious software to infect computers or mobile devices, allowing them to steal private keys or login credentials. Keyloggers record keystrokes, enabling hackers to obtain sensitive information.
Smart contracts are self-executing contracts on blockchain platforms. If there are vulnerabilities in the code, hackers can exploit them to steal funds or manipulate the contract’s behavior.
Hackers may manipulate individuals through social engineering techniques, such as impersonating trusted individuals.
In blockchain networks that use proof-of-work consensus algorithms, a 51% attack occurs when a single entity controls the majority of the network’s mining power. This allows them to manipulate transactions or double-spend coins.
Credit: Source link