Hackers are specifically targeting prominent verified accounts on X, formerly known as Twitter, to promote crypto scams and drop links to drainers.
They are focusing on profiles belonging to government and business figures and entities with gold and grey verifications, leaning on the pretense of legitimacy as part of the nefarious intent.
A crypto drainer is a form of malware that targets cryptocurrency wallets by tricking the victim into consenting to a malicious transaction.
As reported by Bleeping Computer, Google subsidiary Mandiant, a cyber intelligence company bought for $5.4bn, was hijacked this week when it was used to distribute a fake airdrop which subsequently applied the drain.
Profiles attributed to Canadian senator Amina Gerba, nonprofit firm The Green Grid, and Brazilian politician Ubiratan Sanderson were used as examples of those to have been penetrated by hackers.
The account of Amina Gerba, a senator in the Canadian Senate got pwned, renamed & being used to spread scam. And as she is a senator, the account has a gray checkmark.
The actors are using it to fake as the “LFG” project that not even have a blue checkmark on their account.
— MalwareHunterTeam (@malwrhunterteam) January 2, 2024
Previously on Twitter, a blue tick or checkmark indicated a verified account. It could have been a mainstream, renowned company, a sports personality or a senior politician but since Elon Musk’s takeover and re-branding of the social media platform as X, all that has changed.
Now, anyone can pay a subscription fee to have a blue checkmark, bringing with it certain user benefits including the ability to edit posts.
A gold tick attached to an X account denotes an official organization or company, while the grey mark represents a government office or an individual official. They are supposed to promote trust, reliability, and authenticity as well as be bound by eligibility criteria.
Despite this, the associated costs for verification and the supposed difficulty of impersonating an official account have not proven to be an effective barrier to hackers seeking to manipulate the social media platform to scam unsuspecting users.
CloudSEK, a digital risk monitoring platform, has outlined the rise of a new black market where hackers trade compromised gold and grey X accounts for prices ranging from $1,200 to $2,000 in what is a stark reminder of the dangers that can be hiding in plain sight online.