Users who click on the provided link will find themselves directed to a fraudulent MicroStrategy webpage, designed to mimic the legitimate site, urging them to connect their wallets and claim a fictitious MSTR airdrop. Upon granting a set of permissions in their Web3 wallet, it becomes apparent that attackers have the ability to siphon tokens directly from the user's wallet.
The scam, as reported by independent blockchain investigator ZachXBT and anti-fraud platform Scam Sniffer, has resulted in losses exceeding $440,000. Notably, a single user fell victim to the phishing scam, losing over $420,000, mere minutes after the initial malicious link surfaced on MicroStrategy's X account.
The unfortunate individual incurred losses totaling $424,786 in various altcoins, with significant sums transferred to both the MicroStrategy attackers and another wallet associated with the notorious hacking group, PinkDrainer. Among the transferred assets were $134,000 worth of Wrapped Balance AI (wBAI), $122,000 worth of Chintai (CHEX), and $45,000 worth of Wrapped Pocket Network (wPOKT).
At the time of reporting, Ethereum DeBank revealed that the wallet addresses linked to the MicroStrategy attackers contained a collective sum of $329,000 in Ethereum-based tokens. Industry experts were swift to recognize the fraudulent scheme, with one anonymous British cryptocurrency investor, Cobie, highlighting the incongruity of MicroStrategy's involvement. Given MicroStrategy's focus exclusively on Bitcoin, it seems improbable that the company would issue tokens on the Ethereum network.
The incident underscores the need for vigilance within the cryptocurrency community and serves as a reminder to exercise caution when interacting with unfamiliar links or platforms, especially those soliciting sensitive information or requesting wallet permissions.
