Verified Twitter Accounts Hacked In $580k ‘Elon Musk’ Crypto Scam

Threat actors are hacking verified Twitter accounts in an Elon Musk cryptocurrency giveaway scam that has recently become widely active.

There is nothing new about cryptocurrency scams on Twitter, especially ones pretending to be giveaways from Elon Musk. In 2018, scammers raked in $180,000 using a successful Elon Musk giveaway scam promoted on Twitter.

Over the past week, security researcher MalwareHunterTeam has seen an uptick in verified Twitter accounts hacked in a scam promoting another fake Elon Musk cryptocurrency giveaway.

These accounts will reply to tweets, like Elon Musk’s below, and promote a scam where Musk is allegedly giving away free cryptocurrency.

The tweets will contain links that redirect to Medium article promoting the fake giveaway. The articles contain further links to the scam landing pages that state if you send bitcoins to the listed address, they will send you back twice the amount.

Also Read: A Look at the Risk Assessment Form Singapore Government Requires

While most of these tweets are using Elon Musk as their theme, some of the hacked accounts are also promoting fake giveaways from Tyler Winklevoss of Gemini Exchange.

MalwareHunterTeam told BleepingComputer that most of the accounts hacked for this scam have been dormant without activity from the owner.

“Big %, but not all. At least 2-3 was active within a few weeks to few days, of those one looked possible the last activities was not from the original owner but of course couldn’t verify,” MalwareHunterTeam explained.

As Twitter disabled the ability to verify an account in July after the company was hacked in a massive cryptocurrency scam, verified accounts are in high demand for threat actors.

The attackers are likely targeting dormant verified accounts not to be detected by the owner of the accounts.

BleepingComputer contacted Twitter with questions about this recent scam but did not receive a response.

Scammers rake in over $580k in one week

This scam has been very successful for the threat actors.

From the cryptocurrency addresses collected from landing pages seen by BleepingComputer and MetaMask, the threat actors have earned $587,000 in bitcoin.

Bitcoin address	Amount	USD amount
1cD2EEwxjVYqwP83Pah21PLnqD3PMJc6i	2.62081802	$103,238.22
1CZA6v4XzPQmC599WmSvbvsu2r8UEUUbHi	0.44035153	$17,346.15
1MUSK1dQxb8UZeUUZrBMGofDaL3UeL97tW	0	0
1MusK1HoQi7ULXJdodirUsHiZfyN7z5puP	1.00200000	$39.470.38
1MUSK1Je69ucdgjgMrwHb7DR9YxgzEvSKQ	0.12708550	$5,006.10
15VnqLx6AC48wHyV86UnvTY4qYJV18gNfM	0	0
16ShxhEXxzFyyEFeRkNbJDEHb3zuvTdSuH	10.64921182	$419,489.49

The Etherium giveaway scams did not do as well, only generating $2,700 for the scammers.

Ethereum address	Amount	USD amount
0xd2227F40458B8F1Bc2F2b07142541cDb792D3E12	2.21264498	$2,705.95
0x12b1036Ed346381fcCcacAB8b02491Ff37f87D82	0.000603109967162	0.73
0x38a19CA0b320012b1AC6227e391C11C34A12131b	0	0
0xB5E8780f0f2328288FCa05bb5D77065FEC2eBcA2	0.002780000000006	3.37

As there are many landing pages associated with this scam, it is possible that some have been more successfull in scamming people out of their assets.

Also Read: How to Send Mass Email Without Showing Addresses: 2 Great Workarounds

It is essential to understand that Elon Musk, Tesla, Gemini, or the Winklevoss twins will not send you cryptocurrency and that all these giveaways are scams.

If you wish to give away your cryptocurrency, send it to us: 3Jw4LswKzGzQBRX5s12br6TvJNm5NpQhUV. You won’t get any back, but you will at least fund journalism.