Security Firm Certik's Account Hijacked to Spread Crypto Drainer

A Web3 security vendor was tricked by a social media phishing attack that hijacked its account and let scammers share a link to a malicious website, it has emerged.
That link was up for just 15 minutes, but it's unclear whether any of the company's 342,000 followers clicked through.
The phishing message itself appeared to spoof crypto wallet management firm Revoke, with a fake security alert taking users to a spoofed Revoke site.
This apparently contained crypto-drainer malware designed to transfer digital currency from victims' accounts without their consent.
Revoke was forced to publish its own post on Friday morning to warn users of the scam.
The phishing attack that compromised Certik involved the legitimate but dormant account of a Forbes journalist that was hijacked and used to message the security vendor.
It is believed to be part of a larger campaign using similar tactics to compromise high-profile X accounts.
In these attacks, a hijacked journalist account engages the victim organization and then sends a booby-trapped link to 'schedule' a meeting, which enables the attacker to steal the victim's X credentials.
Crypto-drainer malware is becoming increasingly popular.
Last month, researchers at Scam Sniffer claimed one variant, MS Drainer, was responsible for $59m in losses.
The same security firm recently claimed that wallet drainers had stolen nearly $295m in virtual currency from over 324,000 victims in 2023.


This Cyber News was published on www.infosecurity-magazine.com. Publication date: Mon, 08 Jan 2024 09:45:08 +0000

