coinpedia.org
MicroStrategy’s X account has been hacked, with malicious links to a fraudulent airdrop of a “official” Ethereum-based MSTR coin. Though the links were later deleted from the account, the losses have already reached nearly half a million.
Hackers post malicious links to a fake airdrop for a so-called Ethereum-based$MSTR token
Anonymous crypto user Spreek was the first to notify the crypto community of the hack. Infamous on-chain investigator ZachXBT confirmed the hack and reported the lost amount to be around $440k. Web3 anti-scam platform scam sniffer shed more details and revealed that the hacker stole multiple altcoins and that the exact loss was $424,786 worth of $wBAI, $wPOKT and $CHEX. What is surprising is that a single user lost all this crypto, highlighting the intensity of the hack.
The airdrop post was misleading users with links to a fake “official” Ethereum-based MSTR token airdrop. Clicking the link led to a phoney MicroStrategy page, prompting users to connect a wallet for the airdrop which allowed attackers to drain tokens.
Experts are predicting that the victim signed a Uniswap Permit2 permit batch signature. This permit gives multiple token approvals to the spender. Officially there has been no confirmation of the hack by the Microstrategy team, but they deleted the post ASAP after being notified.
Is Twitter the new favorite of hackers??
Twitter account hacks are becoming increasingly common once again, with official handles facing the brunt of hacker activity. In a recent incident, the official Twitter handle of the Securities and Exchange Commission (SEC) fell victim to a breach.
The timing of the attack occurred just before the anticipated approval of the spot Bitcoin Exchange-Traded Fund (ETF). A tweet from the compromised SEC handle falsely announced the approval of the ETF, causing confusion among the investors.
Investigations revealed that the breach occurred due to an unidentified party gaining control over a phone number associated with the SEC account through a third-party service. It is said that the SEC account lacked two-factor authentication at the time of the compromise
With MicroStrategy joining the list of people affected by phishing attacks in 2024, there is an urgent need for robust security measures across all communication channels utilized by these hackers. Users before clicking on any links are always warned to check the credibility of the links and should always stay vigilant.