Cryptocurrency scammers are exploiting a quirk in how X handles post URLs to spread scams, fake giveaways and deceptive Telegram channels. BleepingComputer reports a user-interface flaw, first pointed out by X user @rcwht_, that lets scammers craft links which appear to lead to a trusted account's post but land on malicious content.
Redirecting the Trust: X's Interface Exploited
The flaw, as described by BleepingComputer, lets scammers craft URLs that appear to point to a post by a legitimate account while actually leading to fraudulent content. For instance, the link below looks like a post from @itscrypto_news:
https://x.com/itscrypto_news/status/1736650221243826564
However, it redirects users to Elon Musk's post: X locates a post by its status ID alone and does not verify that the account name in the path matches the post's author. Scammers have used this to craft links bearing the names of high-profile accounts, including Binance and the Ethereum Foundation.
X's Feature Turned Scam Tactic
X retrieves a post by its status ID and does not validate the account name in the path, so a scammer can substitute any account name, including that of a high-profile account, into a URL of the form:
https://twitter.com/[account_name]/status/[status_id]
Security researcher MalwareHunterTeam says scammers have been using this technique against crypto-related accounts for weeks to push fake airdrops on unsuspecting victims.
A Closer Look at the Scam
Scammers post links carrying the names of legitimate accounts, such as Binance and Ethereum, that actually resolve to tweets from unrelated X users promoting crypto scams. In one case, a fake zkSync tweet led to a page impersonating the company and promoting a crypto-draining website.
Example X redirect crypto scams (Image Source: BleepingComputer)
Navigating the Deceptive Web
Enabling X's Quality Filter (Settings > Notifications > Filters) may hide some of these tweets, at the risk of also hiding genuine content.
X Quality Filter (Image Source: BleepingComputer)
Recognising scam tweets matters most on mobile, where the absence of an address bar means users cannot see that they have been redirected and may take a scam for a legitimate promotion.
Guarding Against Exploitation
Because this redirect is standard X behaviour, a fix seems unlikely in the near term. When following an X link, check the address bar after the page loads: the account name shown there should match the one in the link you clicked. If it does not, you have been redirected to a different account's post.
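To make the mechanism described under "X's Feature Turned Scam Tactic" and the address-bar check above concrete, here is an added example, written for this page and not code from BleepingComputer or X. It parses X post URLs of the form /[account_name]/status/[status_id] and flags a shared link whose account name differs from the account X actually lands on for the same status ID, which is the comparison a user makes by reading the address bar. The host list, the accepted path forms and the sample landing handle are assumptions; the sample URLs are constructed for illustration.

```python
import re
from urllib.parse import urlparse

# Hostnames on which X serves post URLs (assumption: not exhaustive).
X_HOSTS = {"x.com", "www.x.com", "twitter.com", "www.twitter.com", "mobile.twitter.com"}

# /<account_name>/status/<status_id>: X handles are 1-15 characters from
# [A-Za-z0-9_] and status IDs are numeric. "statuses" is an older path form
# assumed to still be accepted.
STATUS_PATH = re.compile(
    r"^/(?P<handle>[A-Za-z0-9_]{1,15})/status(?:es)?/(?P<status_id>\d+)/?$"
)


def parse_status_url(url):
    """Return (handle, status_id) for an X/Twitter post URL, or None if it is not one.

    The handle is lower-cased because X handles are case-insensitive.
    """
    parts = urlparse(url)
    if parts.scheme not in ("http", "https") or parts.hostname not in X_HOSTS:
        return None
    match = STATUS_PATH.match(parts.path)
    if match is None:
        return None
    return match.group("handle").lower(), match.group("status_id")


def handle_mismatch(link_url, landing_url):
    """Compare the handle in a shared link with the handle X actually lands on.

    X looks the post up by status_id only, so the account_name segment of the
    link is attacker-controlled. Returns True when both URLs name the same post
    but different accounts (the link's account_name was spoofed), False when
    they agree, and None when either URL is not a post URL or the status IDs
    differ (in which case this check does not apply).
    """
    link = parse_status_url(link_url)
    landing = parse_status_url(landing_url)
    if link is None or landing is None:
        return None
    link_handle, link_id = link
    landing_handle, landing_id = landing
    if link_id != landing_id:
        return None
    return link_handle != landing_handle


if __name__ == "__main__":
    # Constructed sample: the link from the article, paired with the URL X would
    # show after loading if the post belongs to another account (handle assumed).
    shared = "https://x.com/itscrypto_news/status/1736650221243826564"
    landed = "https://x.com/elonmusk/status/1736650221243826564"
    print("spoofed account_name:", handle_mismatch(shared, landed))  # True
```

In a link-scanning pipeline the landing URL would come from following the link in a headless browser and reading its final location; here it is supplied by hand so the example runs offline. A None result means the two URLs are not comparable and should be handled separately rather than treated as safe.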
Staying Vigilant in the Crypto Landscape
Crypto scams keep evolving, and this X behaviour is another reminder to verify URLs, treat unsolicited giveaways and airdrops with suspicion, and never rely on the account name in a link as proof of who posted it.