Image Source: BleepingComputer
Threat actors are hacking Verified Twitter accounts and leveraging them to steal user funds and account credentials. Over the weekend, the British Army’s official Twitter account was hijacked to promote fake non-fungible tokens (NFTs) and cryptocurrency scams. The hackers tweeted malicious links and livestreamed old Ark Invest videos featuring Elon Musk to lure users to fraudulent cryptocurrency investment websites.
In a separate scheme, a Verified Twitter user received a phishing direct message (DM) stating that their account was about to be suspended. The message, sent from another Verified Twitter account, claimed the recipient had to complete a multistep authentication process and provide their login credentials via an embedded link. The linked malicious website used Twitter's APIs to validate the submitted account details, so that the attackers collected working usernames and passwords.
The NJCCIC recommends that users exercise caution with unsolicited communications and refrain from clicking links in suspicious or unexpected messages, including those from known contacts or Verified accounts. Only submit Twitter credentials on the official website, by navigating directly to the URL, or via the official Twitter app. If you believe your account credentials have been compromised, change your password and enable multi-factor authentication (MFA) immediately. Users are advised to report online scams to Twitter and the NJCCIC. More information on these scams can be found in the BleepingComputer article.