Skip to main content

Here’s how scammers are stealing popular NFTs, digital currencies using Twitter accounts – BusinessLine

here’s-how-scammers-are-stealing-popular-nfts,-digital-currencies-using-twitter-accounts-–-businessline

Info-tech

Cybercriminals are hijacking verified or unverified Twitter accounts to impersonate popular NFT projects

Scammers are hacking Twitter accounts and using them to steal non-fungible tokens (NFT) and cryptocurrencies. According to new research, published by Tenable’s Staff Research Engineer, Satnam Narang, scammers captialising on the fervor in NFT and cryptocurrencies.

Cybercriminals are hijacking various verified and unverified accounts on Twitter to impersonate popular NFT projects including Bored Ape Yacht Club (BAYC), Azukis, MoonBirds, and OkayBears, to steal users’ crypto assets by leading them to phishing sites.

“The success of some of these blue-chip NFT projects has paved the way for broader adoption by promoting upcoming integrations with their own metaverses, giving scammers ample opportunity to capitalise on new or rumoured announcements in relation to these projects,” as per Narang.

Leveraging Twitter mentions

These scams occur few different ways, according to the research. One of the ways is when scammers leverage Twitter mentions to capture attention. Cryptocurrency scammers tag users in replies across hundreds of tweets in a bid to drive them to phishing websites that are often indistinguishable from legitimate NFT project sites.

This makes it difficult for the average cryptocurrency enthusiast to tell them apart. Users are then convinced to connect their cryptocurrency wallets instead of using usernames and passwords. With this, scammers are able to then transfer out the digital currencies like Ethereum ($ETH) or Solana ($SOL), as well as any NFTs, being held in these wallets.

There is also a rise in airdrops and free NFTs drive cryptocurrency scams. The airdrop is a promotional activity meant to help bootstrap a digital currency project. The BAYC, announced earlier this year an Airdrop of ApeCoin to holders of its various NFT projects such as BAYC, Mutant Ape Yacht Club, and Bored Ape Kennel Club.

“Scammers saw this announcement as a ripe opportunity to target the interest in this upcoming airdrop and began creating campaigns by hijacking verified Twitter accounts to drive users to phishing sites,” Narang explained.

Separately, scammers pose as good samaritans by using the threat of potential scammers as justification for why they “clean” or “close” comments or replies to their tweets. Once they’ve seeded a few of these fake tweets, they leverage a built-in Twitter feature for conversations to restrict who can respond to their tweets. This will prevent users from warning others of the potential fraud.

“Despite their volatility, interest in NFTs and cryptocurrencies continue to grow in India. And based on extensive research in this area, scammers continue to find creative ways to dupe users,” said Narang.

‘Perception of legitimacy’

“In India, there’ve been reports of government officials, celebrities, or large corporations being impersonated to infuse the perception of legitimacy. Operating from a place of skepticism is likely going to provide some cover for users when it comes to such scams,” said Narang.

As per Narang, users must be cautious and remain suspicious of the motivations if they are proactively tagged in a tweet, even if it comes from a verified Twitter account.

“Seek out the original project’s website and cross-reference links that you see being shared on Twitter with the ones on their official website. Scammers will also rely on the urgency to try to add pressure on users in this space. If an NFT mint is happening, they’ll say that there are a limited number of spots left. This urgency makes it easier to take advantage of users not wanting to miss out on the opportunity. Ultimately, if something sounds too good to be true, it probably is,” he further added.

Published on May 29, 2022

You May Also Like

Recommended for you

Similar posts

No Comments Yet

Leave a Reply

Your email address will not be published.

 
bitcoinBTC/USD
$ 19,433.97
ethereumETH/USD
$ 1,100.02
tetherUSDT/USD
$ 1.00
usd-coinUSDC/USD
$ 1.00
bnbBNB/USD
$ 224.71
binance-usdBUSD/USD
$ 1.00
xrpXRP/USD
$ 0.317099
cardanoADA/USD
$ 0.450249
solanaSOL/USD
$ 33.59
dogecoinDOGE/USD
$ 0.066009
polkadotDOT/USD
$ 6.71
daiDAI/USD
$ 1.00
tronTRX/USD
$ 0.067092
shiba-inuSHIB/USD
$ 0.00001
leo-tokenLEO/USD
$ 5.68
wrapped-bitcoinWBTC/USD
$ 19,460.77
avalanche-2AVAX/USD
$ 16.86
staked-etherSTETH/USD
$ 1,065.26
matic-networkMATIC/USD
$ 0.498574
litecoinLTC/USD
$ 48.65
ftx-tokenFTT/USD
$ 24.64
okbOKB/USD
$ 12.28
chainlinkLINK/USD
$ 6.13
crypto-com-chainCRO/USD
$ 0.112883
stellarXLM/USD
$ 0.105988
cosmosATOM/USD
$ 8.53
nearNEAR/USD
$ 3.31
uniswapUNI/USD
$ 5.08
moneroXMR/USD
$ 119.57
algorandALGO/USD
$ 0.305167
ethereum-classicETC/USD
$ 14.61
bitcoin-cashBCH/USD
$ 102.53
theta-fuelTFUEL/USD
$ 0.049063
chain-2XCN/USD
$ 0.087425
flowFLOW/USD
$ 1.58
vechainVET/USD
$ 0.022206
the-sandboxSAND/USD
$ 1.12
apecoinAPE/USD
$ 4.66
fraxFRAX/USD
$ 1.00
hedera-hashgraphHBAR/USD
$ 0.0607
internet-computerICP/USD
$ 5.36
tezosXTZ/USD
$ 1.45
decentralandMANA/USD
$ 0.846813
filecoinFIL/USD
$ 5.36
true-usdTUSD/USD
$ 1.00
elrond-erd-2EGLD/USD
$ 52.58
axie-infinityAXS/USD
$ 14.14
theta-tokenTHETA/USD
$ 1.17
bitcoin-svBSV/USD
$ 52.75
heliumHNT/USD
$ 9.10