Fake and stolen X Gold accounts for sale on the Dark Web
New security research has discovered that cybercriminals are abusing trustmarks on
Malicious actors who purchase these verified accounts then have access to a large number of people who believe they are receiving content from the original owner.
However, the new account owner may launch malicious phishing or financial scams that steal cryptocurrencies, personal information, and other valuable data.
Fools' gold
The investigation, conducted by CloudSEK, examined how verified accounts on
The research found that a new Prices also vary depending on the number of followers associated with the account, with one account with 28,000 followers being advertised for between €2,000 and €2,500.
Many of these accounts have been compromised using brute force passwords, and since many of these accounts have often been inactive for years, it is unlikely that password protection or authentication methods have been implemented on the accounts.
We all remember the chaos caused by the release of the original Twitter Blue subscription, which allowed users to subscribe with a little blue check mark next to their name, usually associated with verified or trusted accounts. This led to the impersonation of celebrities, including Elon Musk, and the impersonation of corporate entities.
To illustrate the dangers associated with these stolen accounts, CloudSEK drew attention to how the Ethereum co-founder had his X account stolen during a cyberattack. Before they could re-secure their account, the hackers had posted a link to a fake website offering free non-fungible tokens (NFTs) that managed to steal $691,000 worth of cryptocurrency before it was taken down just 20 minutes later.
CloudSEK recommends that if you have an old Make sure your accounts use the best password security practices.