MicroStrategy’s X account hacked, shilling Ethereum token phishing scam

Business intelligence firm MicroStrategy’s X account has been hacked, posting malicious links to a fake airdrop of a so-called “official” Ethereum-based MSTR token.

A user clicking on the link is directed to a copycat MicroStrategy webpage that directs them to connect a wallet and claim the fake MSTR airdrop. Once users accept a series of permissions in their Web3 wallet, it is understood that the attackers can automatically drain the tokens out of the user’s wallet.

According to independent blockchain sleuth ZachXBT and anti-scam platform Scam Sniffer, losses incurred from the scam have already tallied over $440,000.

Scam Sniffer said just one user had lost over $420,000 to the phishing scam at approximately 12:43 am UTC, only several minutes after the first malicious link was posted to MicroStrategy’s account on X.

The unknown user lost a total of $424,786 worth of altcoins, with one transfer going to the MicroStrategy attacker and two being automatically re-routed to a second wallet associated with the notorious hacking group PinkDrainer.

The unknown victim signed for a transaction that saw a total of $134,000 worth of Wrapped Balance AI (wBAI), $122,000 worth of Chintai (CHEX) and $45,000 worth of Wrapped Pocket Network (wPOKT) sent to the attacker’s wallet address.

As of the time of publication, the MicroStrategy attacker’s wallet address holds a total of $329,000 worth of Ethereum-based tokens, per Ethereum DeBank.

#news #hacks #MicroStrategy #Bitcoin

Feb-26-2024 09:36:26 AM