Over the past few weeks, a group of scammers has hijacked more than eight Twitter accounts belonging to prominent figures in the crypto space to promote phishing scams. The group has stolen almost $1 million worth of crypto so far, according to blockchain sleuth ZachXBT.
In a June 9 Twitter thread, ZachXBT outlined that he had uncovered several wallets “linked on chain” that are connected to phishing scams promoted by the recently hacked accounts.
“While the majority of these attacks were the result of a SIM Swap it seems other accounts were potentially stolen with a [Twitter admin] panel,” ZachXBT noted.
Over the past few weeks we have seen 8+ account takeovers connected to the same group of scammers as evident by how their addresses are linked on-chain. I hope @TwitterSafety investigates each attack closely as they have resulted in almost seven figures stolen. @miramurati @PeterSchiff @steveaoki @biancoresearch @andy8052 @ColeThereum @pete_rizzo_ — ZachXBT (@zachxbt) June 8, 2023
The accounts belong to figures such as Pudgy Penguins founder Cole Villemain, DJ and NFT collector Steve Aoki and Bitcoin Magazine editor Pete Rizzo.
Oddly enough, gold proponent and fervent crypto hater Peter Schiff also saw his account hacked to promote a dubious link relating to tokenized gold in Decentralized Finance.
“I hope Twitter Safety investigates each attack closely as they have resulted in almost seven figures stolen,” ZachXBT said, adding that:
“When the scammer gains control of a Twitter account, phishing scams are tweeted out almost immediately. Slow response times from Twitter Support have resulted in some of these tweets staying up for many hours and even days.”
Tweeted phishing scams. Source: ZachXBT, Twitter
The blockchain sleuth urged people to use a security key as opposed to opting for SMS-based two-factor authentication.
Another one of the account hacks highlighted by ZachXBT includes OpenAI’s CTO Mira Murati.
On June 2, members of the crypto community fired off warnings about her account sharing a phishing link promoting a fake airdrop for an ERC-20 token named OPENAI.
This particular post was live for roughly an hour and was viewed 79,600 times and retweeted 83 times before it was deleted. Notably, the scammers had restricted who could reply to the tweet in a bid to stop people placing warnings on it.
In late May, Arthur Madrid, the co-founder and CEO of metaverse platform The Sandbox was also subject to the same style of Twitter account hack that saw the promotion of a fake SAND airdrop.
It is unclear if this particular hack is connected to the group of hackers identified by ZachXBT however.