Hackers have hijacked two major Twitter accounts and used them to trick people into stealing cryptocurrency.
The attackers were able to break into X-accounts (formerly known as Twitter) of Hyundai MEA (Middle East and Africa) and Netgear, giving them access to more than 160,000 followers.
They renamed Hyundai's account to Overworld, in an attempt to emulate a “cross-platform multiplayer RPG” backed by the venture capital arm of cryptocurrency exchange Binance.
Regaining access
The threat actors used the accounts to share links to malicious websites, fake giveaways promising $100,000 to the first 1,000 users who registered on the website. Those who register will be asked to connect their cryptocurrency wallet to receive the funds. However, after connecting, the malicious website would only empty the wallet of all cryptocurrencies and NFTs kept there.
Netgear's account was seized around January 6 and used only to respond to BRCapp tweets to try to get people to click on the malicious link.
At the time of writing, both companies appear to have regained access to their accounts, as there are no traces of malicious tweets or replies. Overworld, on the other hand, warned its followers to be careful when interacting with the game on social media: “Be careful and stay away from those who impersonate our account. Only click on links from the official @OverworldPlay Twitter account.”
Hackers are always finding new ways to abuse Twitter to steal people's cryptos. In late December, scammers found a way to trick people into thinking they were visiting a legitimate business account on X. This method relied on the way X handles links to different posts.
All users, and especially those interested in the blockchain industry, should always be alert to phishing, social engineering, and other scams.
Through BleepingComputer