Jump to content
nsane.forums
Sign in to follow this  
straycat19

Classic Scam Finds New Life Stealing Bitcoin on Twitter

Recommended Posts

straycat19

A new version of a classic online scam is percolating on Twitter. And while anyone even halfway paying attention likely wouldn't fall for it, the trick has already raked in thousands of dollars of ethereum and bitcoin in less than a week.

 

The scheme itself is pretty straightforward: Attackers make Twitter handles that closely mimic the verified accounts of well-known figures like Elon Musk, John McAfee, or Ethereum cofounder Vitalik Buterin. Then they respond to one of those genuine tweets, giving the appearance of having started a thread, in which they claim that they'll send a significant quantity of cryptocurrency (like 2 bitcoin) to anyone who sends a smaller amount of currency (like 0.02 bitcoin) to a particular wallet. Yup, that's it. As of publication, you can see new attempts popping up on Twitter every few minutes.

 

"It's like a social media impersonation mixed with a classic Nigerian prince scam," says Crane Hassold, a threat intelligence manager at the security firm PhishLabs, who previously worked as a digital behavior analyst for the FBI. "Twitter will likely start blocking the accounts making the posts, but the level of effort needed for this scam is so low that it'll probably be a cat and mouse game, and the return on investment at the beginning will be pretty good for the actor."

 

The scheme also closely resembles a popular trick in the game Eve Online, in which scammers post "send a little, get a lot" promises to collect Eve's in-game currency (known as ISK) in its Jita solar system, which acts as the commerce center. Like cryptocurrency, ISK is stored in electronic wallets for digital transactions.

   

The Twitter version, which started cropping up on February 1, doesn't appear to be a total blockbuster, since most people know to avoid "send a little, get a lot" setups. (Not to mention that Elon Musk probably wouldn't randomly give out a ton of bitcoin for no reason through Twitter. We think.) Still, many of the bitcoin and ethereum wallets the attackers set up do have a low key stream of payments coming in. For example, one wallet posted in a fake

 

John McAfee tweet, which promised 20 bitcoin for every 0.02 received, racked up 0.184 bitcoin within hours. At current prices that's about $1,500. Not a gold rush, but also not bad for a scam that takes so little effort.

 

"It’s all a statistics game. They aren’t targeting folks who need to be convinced, they’re targeting folks who will knee-jerk react," says Tinker, a researcher from the Dallas Hackers Association who was early to spot the scam. "By lessening the length of the message, it makes the scam more consumable. Combine that with impersonating famous people sending out popular tweets and the fall of bitcoin—folks are desperate to get a gain on their loss."

 

As the price of cryptocurrencies has soared—and then crashed back down—scammers have capitalized on the booms and preyed on victims of the busts. The hustles are diverse, including all different types of phishing, spamming, and the notorious development of bogus initial coin offerings, but social media impersonation has a role in many of them, perhaps because so much discussion, speculation, and misinformation about cryptocurrency takes place there.

 

One attempt to identify bogus accounts impersonating prominent cryptocurrency community members is the new Chrome Extension "EtherSecurityLookup." Created by web developer Harry Denley, who also makes the anti-phishing tool "EtherAddressLookup," the new extension checks Twitter accounts against a whitelist of legitimate cryptocurrency community members, and flags handles that are too similar as potentially problematic.

 

Impersonation on social media is an ongoing problem, but these rackets violate the user agreements of pretty much every service, and platforms like Twitter can discourage them by playing whack-a-mole with the malicious accounts. And scams that are easy for fraudsters to run never totally go away, because it doesn't take much investment to do them as quick one-offs. "It's like any of the old school schemes," PhishLabs' Hassold says. "They're somehow still around, because there are always people who are going to fall for it."

 

Article

Share this post


Link to post
Share on other sites
Katzenfreund

I haven't read the article, but after so many stories of fraud, blackmail, even suicides attributable to Facebook & Twitter, I wonder why people join them, even prefer them over old-type boards such as this one.

 

Ud8FRU2.jpg

 

Actually, I think the cat is doing it right!  :)

Share this post


Link to post
Share on other sites
WALLONN7
34 minutes ago, Katzenfreund said:

I haven't read the article, but after so many stories of fraud, blackmail, even suicides attributable to Facebook & Twitter, I wonder why people join them, even prefer them over old-type boards such as this one.

 

I am not going out in defense of any social network, but to attribute those things to them is the same blah blah blah that tries to create connections between players of violent games and violence and death in real life!!!
People commit atrocities because they are prone to it... Bullying and etc can lessen the space between idea and action, but they are just part of the story, not all of it
!!!

 

34 minutes ago, Katzenfreund said:

Ud8FRU2.jpg

 

Actually, I think the cat is doing it right!  :)

 

Good to see that you are "toy" cat like me... It shows the special person you are!!! ^_^

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now

Sign in to follow this  

  • Recently Browsing   0 members

    No registered users viewing this page.

×