fbpx
Frame-14

Privacy Ninja

        • DATA PROTECTION

        • CYBERSECURITY

        • Penetration Testing

          Secure your network against various threat points. VA starts at only S$1,000, while VAPT starts at S$4,000. With Price Beat Guarantee!

        • API Penetration Testing
        • Enhance your digital security posture with our approach that identifies and addresses vulnerabilities within your API framework, ensuring robust protection against cyber threats targeting your digital interfaces.

        • On-Prem & Cloud Network Penetration Testing
        • Boost your network’s resilience with our assessment that uncovers security gaps, so you can strengthen your defences against sophisticated cyber threats targeting your network

        • Web Penetration Testing
        • Fortify your web presence with our specialised web app penetration testing service, designed to uncover and address vulnerabilities, ensuring your website stands resilient against online threats

        • Mobile Penetration Testing
        • Strengthen your mobile ecosystem’s resilience with our in-depth penetration testing service. From applications to underlying systems, we meticulously probe for vulnerabilities

        • Cyber Hygiene Training
        • Empower your team with essential cybersecurity knowledge, covering the latest vulnerabilities, best practices, and proactive defence strategies

        • Thick Client Penetration Testing
        • Elevate your application’s security with our thorough thick client penetration testing service. From standalone desktop applications to complex client-server systems, we meticulously probe for vulnerabilities to fortify your software against potential cyber threats.

        • Source Code Review
        • Ensure the integrity and security of your codebase with our comprehensive service, meticulously analysing code quality, identifying vulnerabilities, and optimising performance for various types of applications, scripts, plugins, and more

        • Email Spoofing Prevention
        • Check if your organisation’s email is vulnerable to hackers and put a stop to it. Receive your free test today!

        • Email Phishing Excercise
        • Strengthen your defense against email threats via simulated attacks that test and educate your team on spotting malicious emails, reducing breach risks and boosting security.

        • Cyber Essentials Bundle
        • Equip your organisation with essential cyber protection through our packages, featuring quarterly breached accounts monitoring, email phishing campaigns, cyber hygiene training, and more. LAUNCHING SOON.

Verified Twitter Accounts Hacked In $580k ‘Elon Musk’ Crypto Scam

Verified Twitter Accounts Hacked In $580k ‘Elon Musk’ Crypto Scam

Threat actors are hacking verified Twitter accounts in an Elon Musk cryptocurrency giveaway scam that has recently become widely active.

There is nothing new about cryptocurrency scams on Twitter, especially ones pretending to be giveaways from Elon Musk. In 2018, scammers raked in $180,000 using a successful Elon Musk giveaway scam promoted on Twitter.

Over the past week, security researcher MalwareHunterTeam has seen an uptick in verified Twitter accounts hacked in a scam promoting another fake Elon Musk cryptocurrency giveaway.

These accounts will reply to tweets, like Elon Musk’s below, and promote a scam where Musk is allegedly giving away free cryptocurrency.

Tweets promoting fake Elon Musk crypto scams
Tweets promoting fake Elon Musk crypto scams

The tweets will contain links that redirect to Medium article promoting the fake giveaway. The articles contain further links to the scam landing pages that state if you send bitcoins to the listed address, they will send you back twice the amount.

Also Read: A Look at the Risk Assessment Form Singapore Government Requires

Fake Elon Musk/Tesla giveaway site
Fake Elon Musk/Tesla giveaway site

While most of these tweets are using Elon Musk as their theme, some of the hacked accounts are also promoting fake giveaways from Tyler Winklevoss of Gemini Exchange.

A tweet promoting a fake Gemini giveaway
A tweet promoting a fake Gemini giveaway

MalwareHunterTeam told BleepingComputer that most of the accounts hacked for this scam have been dormant without activity from the owner.

“Big %, but not all. At least 2-3 was active within a few weeks to few days, of those one looked possible the last activities was not from the original owner but of course couldn’t verify,” MalwareHunterTeam explained.

As Twitter disabled the ability to verify an account in July after the company was hacked in a massive cryptocurrency scam, verified accounts are in high demand for threat actors.

The attackers are likely targeting dormant verified accounts not to be detected by the owner of the accounts.

BleepingComputer contacted Twitter with questions about this recent scam but did not receive a response.

Scammers rake in over $580k in one week

This scam has been very successful for the threat actors.

From the cryptocurrency addresses collected from landing pages seen by BleepingComputer and MetaMask, the threat actors have earned $587,000 in bitcoin.

Bitcoin addressAmountUSD amount
1cD2EEwxjVYqwP83Pah21PLnqD3PMJc6i2.62081802$103,238.22
1CZA6v4XzPQmC599WmSvbvsu2r8UEUUbHi0.44035153$17,346.15
1MUSK1dQxb8UZeUUZrBMGofDaL3UeL97tW00
1MusK1HoQi7ULXJdodirUsHiZfyN7z5puP1.00200000$39.470.38
1MUSK1Je69ucdgjgMrwHb7DR9YxgzEvSKQ0.12708550$5,006.10
15VnqLx6AC48wHyV86UnvTY4qYJV18gNfM00
16ShxhEXxzFyyEFeRkNbJDEHb3zuvTdSuH10.64921182$419,489.49

The Etherium giveaway scams did not do as well, only generating $2,700 for the scammers.

Ethereum addressAmountUSD amount
0xd2227F40458B8F1Bc2F2b07142541cDb792D3E122.21264498$2,705.95
0x12b1036Ed346381fcCcacAB8b02491Ff37f87D820.0006031099671620.73
0x38a19CA0b320012b1AC6227e391C11C34A12131b00
0xB5E8780f0f2328288FCa05bb5D77065FEC2eBcA20.0027800000000063.37

As there are many landing pages associated with this scam, it is possible that some have been more successfull in scamming people out of their assets.

Also Read: How to Send Mass Email Without Showing Addresses: 2 Great Workarounds

It is essential to understand that Elon Musk, Tesla, Gemini, or the Winklevoss twins will not send you cryptocurrency and that all these giveaways are scams.

If you wish to give away your cryptocurrency, send it to us: 3Jw4LswKzGzQBRX5s12br6TvJNm5NpQhUV. You won’t get any back, but you will at least fund journalism.

0 Comments

KEEP IN TOUCH

Subscribe to our mailing list to get free tips on Data Protection and Data Privacy updates weekly!

Personal Data Protection

REPORTING DATA BREACH TO PDPC?

We have assisted numerous companies to prepare proper and accurate reports to PDPC to minimise financial penalties.
×

Hello!

Click one of our contacts below to chat on WhatsApp

× Chat with us