Scammer Forbes Reporter Briefly Hacked CertiK’s X Account

HTML tutorialHTML tutorial

A phishing scammer who posed as a Forbes reporter briefly gained access to the X (formerly Twitter) account of blockchain security platform CertiK and used it to post messages advertising a malicious Web3 app, according to an X post from CertiK on Jan. 5.

The post stated that a “verified account, associated with a well-known media, contacted one of our employees.” 

The account turned out to have been compromised, which resulted in the employee getting phished and “related tweets” being posted to the account, the post claimed.

The malicious messages have now been deleted. In a Jan. 5 post to X, blockchain security platform Cyvers claimed to have seen the messages before they were deleted. 

According to them, the messages stated that Uniswap’s router had been compromised and that users needed to revoke all approvals for Uniswap using Revoke.cash. It led to a fake version of Revoke.cash that attempted to steal users’ crypto.

The malicious messages were discovered within seven minutes of them being posted, CertiK claimed, and the team immediately began a recovery process to remove the attacker’s access to its X account. 

Within 14 minutes, the team managed to delete the first of the malicious posts. After 37 minutes, the team’s investigation was over and the danger was neutralized. 

CertiK claimed that the scam was part of “a large-scale ongoing attack” similar to the one described by X user NFT_Dreww.eth in a Dec. 21 post. 

NFT_Dreww.eth had described a phishing scam in which the attacker posed as a Forbes reporter and asked victims to connect their X accounts to the Calendly calendar app to schedule a meeting. 

The links did not actually go to Calendly’s official website. Instead, they went to a fake Calendly site with a misspelled URL. 

See Also: Nest Wallet Co-founder, Bill Lou, Lost $125,000 Worth Of Coins To Fake Airdrop Scam

Once the victim “connected” their X account to the fake site, they unwittingly approved permissions for the attacker to post to X on their behalf.

In a reply to CertiK’s post, on-chain sleuth ZachXBT shared an alleged screenshot of the message used to phish CertiK. 

The message appears to be from a person impersonating former Forbes and Bloomberg contributor Mark Beech, who passed away in 2020.

In their post, ZachXBT asked CertiK if they would reimburse victims who may have been phished as a result of the malicious post to CertiK’s account. In response, CertiK stated “We encourage those affected during the recent Twitter incident to reach out to us.”

Phishing attacks have compromised several high-profile crypto X accounts over the past two weeks. On Dec. 29, Compound Finance’s account was compromised. On Jan. 4, the founder of Polychain Capital was hit as well.

Source: https://bitcoinworld.co.in/scammer-posed-as-forbes-reporter-briefly-hacked-certiks-x-account/