Over the past few weeks, a group of scammers has hijacked more than eight Twitter accounts belonging to well-known figures in the crypto space to promote phishing scams. So far, the group has stolen nearly $1 million worth of cryptocurrency, according to blockchain detective ZachXBT. In a June 9 Twitter post, ZachXBT outlined that he had discovered several "linked on-chain" wallets that were linked to a phishing scam fueled by recently hacked accounts.
"While the majority of these attacks were the result of SIM swapping, it appears that other accounts may have been compromised by the [Twitter admin] panel," ZachXBT noted. The accounts belonged to figures such as Pudgy Penguins founder Cole Villemain, DJ and NFT collector Steve Aoki, and Bitcoin Magazine editor Pete Rizzo.
Curiously, gold proponent and ardent cryptocurrency hater Peter Schiff also saw his account hacked to promote dubious links to tokenized gold in decentralized finance. "I want Twitter Safety to look into every single attack because they've resulted in almost 7 digits be ing stolen," ZachXBT said, adding: "Phishing scams are tweeted almost immediately when scammers gain control of a Twitter account. The slow response time of Twitter support causes some of these tweets to hang around for hours or even days." Blockchain Sleuths is urging people to use security keys instead of opting for SMS-based two-factor authentication.
Another account hack highlighted by ZachXBT involved OpenAI's CTO Mira Murati. On June 2, a member of the crypto community issued an alert that her account shared a phishing link promoting a fake airdrop of an ERC-20 token called OPENAI.
This particular post, which went live for about an hour, was viewed 79,600 times and retweeted 83 times before it was deleted. It's worth noting that the scammers limited who could reply to the tweet to stop people from warning it.
In late May, Arthur Madrid, co-founder and CEO of Metaverse platform The Sandbox, also suffered the same style of hacking of his Twitter account, which saw the promotion of a fake SAND airdrop. However, it's unclear if this particular hack was connected to the hacking group identified by ZachXBT.
