Cryptocurrency scammers have made at least $145,000 this week by promoting fake giveaways through hacked verified Twitter accounts.
Last month, we reported an increasing trend where verified Twitter accounts are hacked to promote fake cryptocurrency giveaways. At the time, these scams pulled in a massive $580,000 in cryptocurrency over a one-week period.
The attackers target verified accounts with thousands, if not millions, of followers. They then tweet fake giveaway scams from well-known people or companies, such as Elon Musk, Tesla, Gemini Exchange, and more recently, Chamath Palihapitiya, and Social Capital.
When tweeting the scams, it is common to see different Twitter sock puppets talking to each other as they promote each other’s tweets, as shown below.
Embedded in the tweets are links to sites that redirect to sites pretending to be Medium posts that promote the giveaway and include further links to the actual giveaway site, as shown below.
These sites tell visitors to send cryptocurrency to the listed address, and the site will send back double the amount you sent.
People continue to fall for these scams
Unfortunately, no matter how much BleepingComputer and other reporters cover these scams, people continue to fall for them.
MalwareHunterTeam, who has been monitoring these scams, has told BleepingComputer that the scammers continue to hack verified Twitter accounts with no sign of letting up.
From the list of examples MalwareHunter shared with BleepingComputer, we have determined that the scammers have made at least $145,000 this week alone.
These earnings include 1.49094148 bitcoins, with at today’s high prices is equal to $70,382.16.
The Ethereum giveaway scams did well for the scammers too, earning them $51,758.61.
Finally, Dogecoin, the newcomer in cryptocurrency giveaways, generated $26,004.94.
As many of the sites associated with these scams switch to different URLs and cryptocurrency addresses, the scammers likely made much more this week.
As these scams generate an incredible amount of money for the threat actors, they are not going away any time soon.
Therefore, everyone needs to understand that the vast majority of cryptocurrency giveaways are scams.
It is safer to treat any cryptocurrency giveaway you see online as a scam and understand that anything you send will not produce anything in return.