A new Twitter scam involving NFT thieves is gaining ground, so beware.
This picture taken in Moscow on October 12, 2021 shows the logo of US social network Twitter on a smartphone screen.
TheNextWeb reports that many hackers are taking over several verified accounts on the platform (the ones with the blue checkmark), all to post malicious links targeting the Moonbirds NFT project.
The NFT project, as per the report, has raked in over $290 million in sales across platforms like Looksrare and OpenSea. In order to steal, the hackers hijack a verified Twitter account, tweet out a malicious link. This link is made to trick people into thinking they're going to get a Moonbirds NFT, they're just sending their crypto payments straight into the hackers' wallets.
So far, at least 10 verified Twitter accounts have been hacked, and they're all pretty big names. The list includes former RuPaul's Drag Race Pangina Heals, Dahlia Sin, and Lady Camden, Levi Sanders (the son of Sen. Bernie Sanders), and even Indian and Argentinian politicians, among others.
It is also worth noting that this kind of Twitter scam has been going on for a while now, and the hackers are making an absolute mint off it.
One similar phishing hack also involved verified accounts that were stealing NFT assets from Bored Ape Yacht Club (BYAC) and Mutant Ape Yacht Club (MAYC). According to a report by Cryptonary, the scammers managed to steal NFTs from an individual BAYC and MAYC owner worth over $500,000, by virtue of scammy links.
The attack, as per Twitter user zachxbt (known for watching out for crypto scams), was more or less like a lamp post to fireflies as soon as it was launched. In a tweet, he mentioned that the Moonbirds NFT was the target of a cyberattack called a Sybil at launch.
Looks like someone created 400+ accounts to Sybil Attack the @moonbirds_xyz raffle:https://t.co/HeWT5d8DCP
— ZachXBT (@zachxbt) April 16, 2022
They’ve already sold the majority it looks like. Just at a quick glance they won 20+
One example:https://t.co/UTqYWRkgsG pic.twitter.com/szgJGT5JXO
A Sybil attack involves a single person creating so many digital wallets so they can be on the allowlist. This strategy enables the person to win 50 slots, which could have led to them earning a lot of money by selling the NFTs elsewhere.
Read also: Scammers Hacked the Project Bots of Bored Ape and Other NFT Discords on April Fools Day
How To Avoid The New Twitter Scam
Avoiding this new scam involving NFT trading is pretty simple: don't fall easily for links that look suspicious. This could be tough if the one sharing the links is a verified account, which the hackers want exactly. They want to trick you into thinking that the link is genuine when it is not.
This is a perfect example of a phishing attack, and is just the latest in 2022's list of NFT and crypto-based scams. As for Twitter being used as a staging ground, it remains to be seen how the social media giant aims to stop their platform from being used in this kind of way.
According to TheBlockCrypto, there's no clear rule in the company's Misleading & Deceptive Identities Policy that states how these scammers should be punished. The only thing that could be close enough is Twitter's Spam policy, which says that any account found spamming content could lead to its suspension.
But while this could stop the spam, it doesn't clearly target the hackers themselves-only, the owner of the hijacked account. This then leaves so many more accounts vulnerable because the scammers are basically going unpunished.
Related: Frosties NFT Rug Pull Generates Millions of Dollars Within Hours! Creators Charged With Defrauding
This article is owned by Tech Times
Written by RJ Pierce
