Entries related to Twitter account compromises

February 27, 2024

Scammers hack Twitter account of late actor Matthew Perry, solicit "donations" for "substance abuse charity"

There are evidently no lows to which crypto scammers will not sink.

Some scammers were able to compromise the Twitter account belonging to the Friends star Matthew Perry, who passed away in October 2023. He had spent much of his life battling addiction, and his death was drug-related.

The scammers took advantage of this to share crypto addresses that they claimed would funnel donations to the real Matthew Perry Foundation, which actually tries to help those battling addiction. However, in a post on Perry's other social media accounts, the Foundation clarified that they had nothing to do with the wallets or the Twitter posts, and described the website as "fraudulent".

"Late Friends star Matthew Perry’s X account hacked by crypto scammers", Protos [archive]

February 26, 2024

$440,000 stolen as MicroStrategy's Twitter account is hacked

Michael Saylor sitting in front of a large model ship

Michael Saylor (attribution)

MicroStrategy, the company founded and chaired by Bitcoin maximalist Michael Saylor, suffered a Twitter account compromise on February 26. Although MicroStrategy ostensibly develops software, it's better known for its massive Bitcoin holdings, driven by Saylor.

Although Saylor has been publicly critical of Ethereum, that didn't seem to raise flags among those eager to receive an airdrop of the Ethereum-based "MSTR" token that the company's Twitter account claimed they had just launched. Those who fell for the phishing link were redirected to a website that spoofed the real MicroStrategy website, with malicious code that drained funds.

Around $440,000 was stolen thanks to the fake announcement, with the majority of it coming from one wallet that was drained of a variety of tokens notionally worth around $425,000.

"Hackers exploit MicroStrategy social media to orchestrate $440,000 phishing heist", CryptoSlate [archive]

September 9, 2023

Vitalik Buterin's Twitter account hacked to promote crypto scam

Scam tweet from the Vitalik Buterin account, reading: "To celebrate Proto-Danksharding coming to Ethereum, @Consensys is marking the moment with a commemorative NFT.
"Proto", honors the work of the devs who made this possible. The collection is free for the next 24 hours.
Claim your piece of history:"

Scam tweet by Vitalik Buterin (attribution)

The Twitter account belonging to Vitalik Buterin, inventor and effective leader of the Ethereum project, was hacked to promote a crypto scam. A tweet posted to his compromised account advertised a "commemorative NFT" to celebrate the impending release of "proto-danksharding", which is the actual name for an upcoming change to the Ethereum protocol.

However, the link was a scam, and anyone who connected their wallet risked having their wallet drained of its cryptocurrency and NFTs. Some blue-chip NFTs were stolen, including two CryptoPunks (a collection with a floor price of around 47 ETH, or $76,800). Altogether, stolen assets surpassed $650,000 in value within a few hours of the theft according to zachxbt, though this counts notoriously difficult-to-value NFTs.

The tweet was taken down within twenty minutes of being posted. All in all, posting a link to a wallet drainer was probably among the least effective things the attacker could do with the Twitter account of a person whose word can dramatically move markets.

It did seem to be something of a stark warning to some in the crypto world, however, who expressed sentiments along the lines of "if Vitalik can get hacked, anyone can."

July 7, 2023

Hackers swipe pricey NFTs after compromising Gutter Cat Gang Twitter profile

A leopard-spotted cat with half-lidded eyes, wearing a black doo-rag and white shirt with "HODL" printed on it, on a purple background

Gutter Cat #707 (attribution)

An attacker successfully compromised the Twitter account belonging to the popular Gutter Cat Gang NFT project, as well as the one belonging to the project co-founder, and used them to post links to phishing sites claiming to be a new NFT airdrop. Instead of receiving the tokens they were promised, those who authorized the contract had their wallets drained.

One victim lost 36 NFTs, among them a Bored Ape NFT they'd purchased for around $130,000. Altogether, the attackers successfully stole NFTs worth between $750,000 and $900,000, depending on how resale value is estimated.

The following day, Gutter Cat Gang announced that they'd regained control over the Twitter accounts and taken down the malicious tweets. They stated that they were working with law enforcement to investigate the theft, but to the dismay of some victims, did not describe any plans to compensate those who lost assets.

"Gutter Cat Gang Twitter Hacked, At Least $750K Worth of NFTs Swiped", Decrypt

May 25, 2023

Hackers steal around $170,000 after compromising Steve Aoki's Twitter account

Steve Aoki (attribution)

Twitter account compromises remain a lucrative way to scam crypto enthusiasts. Someone was able to compromise the Twitter account belonging to electronic musician and crypto enthusiast Steve Aoki, posting a fake link to his NFT project that drained unsuspecting traders' wallets.

The scam was helped along by ben.eth, a Twitter personality who retweeted one of the tweets by the compromised account in which Aoki appeared to endorse a token created by ben.eth. According to crypto sleuth zachxbt, multiple followers of ben.eth were impacted by his retweet, which zachxbt characterized as "quote tweet[ing] a phishing scam posted by the compromised @steveaoki account for clout". Ben.eth ultimately promised to reimburse his fans who lost money thanks to his tweets.

Tweet thread by zachxbt

January 27, 2023

Hacked Azuki Twitter account enables theft of pricey NFTs and crypto priced at more than $1.74 million

A green zombie-looking ape with a red warty mouth and sharp teeth, with a turquoise hachimaki and a tie-dye shirt

Mutant Ape #16924, which most recently sold for ~$23,400 (attribution)

Hackers were able to compromise the Twitter account belonging to the popular Azuki NFT project, which they then used to promote a fake NFT drop to its 334,000 followers. Users who tried to mint the NFTs instead had their wallets emptied of pricey NFTs and cryptocurrencies.

Stolen NFTs included 74 Otherdeeds (floor price ~$2,700 each), 3 Porsche NFTs (floor ~$3,100), 57 Beanz (floor ~$2,600), 12 Doodles (floor ~$10,600), 2 Mutant Apes (floor ~$24,300), and 49 Pudgy Penguins (floor ~$9,200) to the attacker. Altogether, those stolen NFTs could fetch almost ~$1 million if sold at floor price.

One single wallet transferred 750,000 of the USDC stablecoin to the attacker, resulting in a particularly brutal loss for one individual.

One of the attacker wallets on Etherscan
Another attacker wallet on Etherscan

August 24, 2022

Researcher zachxbt alleges that teenager who stole crypto worth $37 million in 2020 is responsible for a spate of crypto-related Twitter hacks

BirdPartner - The Secret Twitter Panel
Today, I will start to lease out access to my exclusive Twitter panel. This support hub allows you to request usernames, ban accounts, restore access to stolen/locked accounts, report instances of rule violations, and more.
Due to the extreme nature and power of the panel, access will be restricted to a limited amount of users at once. There are several packages; each becoming more discounted the bigger package you buy.

Post on SWAPD advertising access to Twitter panel (attribution)

In 2020, a Canadian teenager used SIM swapping to steal US$37 million in Bitcoin and Bitcoin Cash from a single person. Canadian police announced his arrest in November 2021 after he tried to buy a rare gaming username, also writing that they had seized around $5 million of the stolen funds.

Now, crypto investigator zachxbt thinks the same individual is indirectly responsible for a slew of compromised Twitter accounts that have then been used to promote crypto scams, including those of Beeple, DeeKay, and others. According to zachxbt, he has been selling access to a Twitter admin panel, which allows employee-level access to Twitter tools. This might explain how many of the accounts were compromised despite being protected by multi-factor authentication. According to zachxbt, "It's still unclear as to how Redman gained access to the panel to make elevated requests & reset passwords. As of now it appears the method stopped working".

Tweet thread by zachxbt

July 16, 2022

NFTs valued at $150,000 stolen via phishing link posted to the hacked Twitter account of NFT artist DeeKay

A colorful illustration of a conveyer belt ziz-zagging upwards. On the bottom level is a small boy with a butterfly over his head, amidst houses and trees. The second level has a larger town. The third level has an illustration of New York, with skyscrapers and the Statue of Liberty. The fourth level has San Francisco, with the Golden Gate Bridge. The fifth and final level has hills and a gravestone, with a ghostly angel next to it.

Frame from the animated "Life and Death" NFT sold to Snoop Dogg (attribution)

On July 16, hackers compromised the Twitter account belonging to the well-known NFT artist DeeKay, who sold an NFT for 310 ETH (then $1 million) to Snoop Dogg in April. The 180,000 followers of DeeKay's compromised Twitter account saw it post a link announcing a new limited quantity airdrop, which directed them to a website mimicking DeeKay's real site. Some people fell for the scam, and in trying to claim their NFTs, actually approved transactions that allowed the scammers to empty their wallets. One victim lost four Cool Cat NFTs and three Azuki NFTs, which have floor prices of around 4 ETH (~$5,350) and 12 ETH (~$16,200) respectively.

Altogether, the stolen NFTs were valued at around $150,000. DeeKay reported that he wasn't sure how his Twitter account had been compromised, but that "my guess is that [two-factor authentication] was off for that specific time". DeeKay wrote that he was considering compensating his followers who were victim to the scam, but that "[a] few are pretending to be affected and looking for opportunities", and "this also encourages hackers to keep doing their thing". "There were some kind souls who were affected and have shown me great flexibility for me to compensate in different ways. Some are asking for high demands as if I was the hacker...😪", he wrote in the thread.

June 9, 2022

Scammers compromise verified, 5-million-follower Twitter account for Venezuelan newspaper El Universal, use it to promote fake Goblintown site

Verified Twitter account showing the display name "goblintown.wtf", but a username of ElUniversal

Compromised Twitter account (attribution)

Scammers successfully compromised the Twitter account for El Universal, a Venezuelan newspaper. The account is verified, and has five million followers. The scammers used the account to promote "goblintowm" (note the m on the end), a fake website pretending to be the recently-popular Goblintown project. Users who connected their wallets to try to mint the free NFTs instead saw their wallets drained of their cryptocurrency and NFTs.

One of the wallets used by the scammers had stolen 64 NFTs, though most of them were low in value. The address had also pulled in 16.5 ETH (~$30,000). However, most scammers rotate wallets, and this likely doesn't reflect the total damage from the scam.

Tweet by NFTherder
Archived copy of the compromised Twitter account

May 22, 2022

Beeple's Twitter account is hacked and used to promote fake NFT mints

Tweet by beeple: "Been working on this with LV for a long time behind the scenes. 1000 total unique pieces. BEEPLE x VUITTON COLLECTION_1: BEEPLES Official Raffle Below. 1 ETH = 1 Raffle Entry. All non-winning entries are refunded post-raffle. Good luck :)"

Tweet from Beeple's compromised account (attribution)

Attackers gained control of the Twitter account belonging to Beeple, an artist known for "selling" an NFT for $69 million in March 2021 and for his recent horror-inducing NFT collab with Madonna. They used the account to share two scam mint links — first to a supposed NFT collaboration with Louis Vuitton, then to "extra" artwork Beeple supposedly created but never minted as NFTs. The scam drew in around $272,000 in ETH and stole 45 NFTs worth approximately $166,000 before Beeple regained control of his Twitter account about five hours later.

Various commenters replied to Beeple's tweet to say they'd been scammed, and to ask if he could help them recover their funds or NFTs. Some blamed him and his poor security practices for their losses, asking if he would repay those who were scammed. He has not suggested he intends to do so.

Tweet thread by sniko

No JavaScript? That's cool too! Check out the Web 1.0 version of the site to see more entries.