Cybercriminals are hijacking verified or unverified Twitter accounts to impersonate popular NFT projects
Scammers are hacking Twitter accounts and using them to steal non-fungible tokens (NFT) and cryptocurrencies. According to new research, published by Tenable’s Staff Research Engineer, Satnam Narang, scammers captialising on the fervor in NFT and cryptocurrencies.
Cybercriminals are hijacking various verified and unverified accounts on Twitter to impersonate popular NFT projects including Bored Ape Yacht Club (BAYC), Azukis, MoonBirds, and OkayBears, to steal users’ crypto assets by leading them to phishing sites.
“The success of some of these blue-chip NFT projects has paved the way for broader adoption by promoting upcoming integrations with their own metaverses, giving scammers ample opportunity to capitalise on new or rumoured announcements in relation to these projects,” as per Narang.
Leveraging Twitter mentions
These scams occur few different ways, according to the research. One of the ways is when scammers leverage Twitter mentions to capture attention. Cryptocurrency scammers tag users in replies across hundreds of tweets in a bid to drive them to phishing websites that are often indistinguishable from legitimate NFT project sites.
This makes it difficult for the average cryptocurrency enthusiast to tell them apart. Users are then convinced to connect their cryptocurrency wallets instead of using usernames and passwords. With this, scammers are able to then transfer out the digital currencies like Ethereum ($ETH) or Solana ($SOL), as well as any NFTs, being held in these wallets.
There is also a rise in airdrops and free NFTs drive cryptocurrency scams. The airdrop is a promotional activity meant to help bootstrap a digital currency project. The BAYC, announced earlier this year an Airdrop of ApeCoin to holders of its various NFT projects such as BAYC, Mutant Ape Yacht Club, and Bored Ape Kennel Club.
“Scammers saw this announcement as a ripe opportunity to target the interest in this upcoming airdrop and began creating campaigns by hijacking verified Twitter accounts to drive users to phishing sites,” Narang explained.
Separately, scammers pose as good samaritans by using the threat of potential scammers as justification for why they “clean” or “close” comments or replies to their tweets. Once they’ve seeded a few of these fake tweets, they leverage a built-in Twitter feature for conversations to restrict who can respond to their tweets. This will prevent users from warning others of the potential fraud.
“Despite their volatility, interest in NFTs and cryptocurrencies continue to grow in India. And based on extensive research in this area, scammers continue to find creative ways to dupe users,” said Narang.
‘Perception of legitimacy’
“In India, there’ve been reports of government officials, celebrities, or large corporations being impersonated to infuse the perception of legitimacy. Operating from a place of skepticism is likely going to provide some cover for users when it comes to such scams,” said Narang.
As per Narang, users must be cautious and remain suspicious of the motivations if they are proactively tagged in a tweet, even if it comes from a verified Twitter account.
“Seek out the original project’s website and cross-reference links that you see being shared on Twitter with the ones on their official website. Scammers will also rely on the urgency to try to add pressure on users in this space. If an NFT mint is happening, they’ll say that there are a limited number of spots left. This urgency makes it easier to take advantage of users not wanting to miss out on the opportunity. Ultimately, if something sounds too good to be true, it probably is,” he further added.