- A scamming group stole roughly $1 million worth of cryptocurrency off Twitter hacks within a few weeks.
- Phishing scams are tweeted as soon as the scammer gets control of a Twitter account.
A group of scammers has stolen roughly $1 million worth of cryptocurrency within a few weeks, according to blockchain sleuth ZachXBT.
The group has hacked more than eight Twitter accounts belonging to significant crypto figures to promote phishing scams.
ZachXBT explained on Twitter that he had discovered multiple wallets “linked on chain” that are tied to phishing attacks promoted by the recently compromised accounts.
“While the majority of these attacks were the result of a SIM Swap it seems other accounts were potentially stolen with a [Twitter admin] panel,” ZachXBT noted.
The hacked accounts belong to prominent crypto figures such as Pudgy Penguins founder Cole Villemain, DJ and NFT collector Steve Aoki, Bitcoin Magazine editor Pete Rizzo, OpenAI chief technology officer Mira Murati and crypto critic Peter Schiff.
“I hope Twitter Safety investigates each attack closely as they have resulted in almost seven figures stolen,” said ZachXBT.
Phishing scams tweeted as soon as Twitter accounts hacked
According to the online sleuth, phishing scams are tweeted as soon as the scammer gets control of a Twitter account. Slow response times from Twitter Support have resulted in some of these tweets remaining online for several hours, if not days.
Instead of SMS-based two-factor authentication, ZachXBT advised consumers to utilize a security key.
OpenAI CTO Mira Murati’s account got hacked on 2 June and the Twitter community warned its members about her account sharing a phishing link promoting a fake airdrop for an ERC-20 token named OPENAI.
This scam tweet was up for almost an hour, and was retweeted 83 times before being taken down. The scammers put a limit on who may reply to the tweet in order to prevent anyone from adding warnings about it.
Metaverse platform Sandbox co-founder and CEO Arthur Madrid was also a victim of a Twitter account breach that resulted in the promotion of a bogus SAND token airdrop in May.
However, it is unclear whether this hack was linked to the group of hackers revealed by ZachXBT.