Warnings have been released this week after a cryptocurrency scam involving the hacking of Twitter accounts was spotted on the social media site.
Forex fraudsters hacked the account of Britain-based film company Pathe Films as well as publishing firm Pantheon Books as part of the scam. They then altered the profile photograph and name of the account to the details used on the account of Tesla CEO Elon Musk.
Following this, the hackers then retweeted – or copied – tweets over from the actual Elon Musk account to create the illusion of legitimacy.
The cryptocurrency scam was then placed in a link, which the hackers “pinned” to the top of the page.
Those posing as Musk asked users to transfer 0.1 bitcoin to a particular address, for what they claimed would be 20 bitcoin in return.
The wording of the tweets posted on the firms’ accounts directed users to a website, musk.plus.
“I’m giving 10,000 Bitcoin (BTC) to all community! I left the post of director of Tesla, thank you all for your support! I decided to make the biggest crypto-giveaway in the world, for all my readers wh (sp) use Bitcoin. Participate in giveaway – musk.plus,” it read.
The firms affected have now deleted the tweets. The musk.plus website was down at the time of writing.
In a related development, the scammers are believed to have also used paid-for Twitter promotion features to spread their scheme – a move which will raise eyebrows among social media industry watchers, who are likely to ask questions about how the ad was approved by Twitter’s team.
Arieh Kovler, a politics and communications consultant, highlighted the scam and shared a screenshot of the hacked Pantheon Books account.
“SCAM ALERT!” wrote Kovler. “This elaborate scam involves hijacking multiple verified Twitter accounts and somehow getting a fake ad approved.”
“A few minutes ago I saw this promoted tweet (a paid ad) from “Elon Musk” offering a free Bitcoin. All you have to do is send ‘him’ 0.1btc first – approximately 650 dollars”, Kovler continued.
Cryptocurrency fraud is not unheard of on Twitter. Back in August, a group of researchers said they’d found a network of 15,000 bots – all of which were designed to promote a similar sort of “giveaway” to the one used in this particular scam as well.
In that scam, “copycat” accounts would be created in order to craft an illusion of legitimacy – and the hallmarks of this scam, including the lifting of a picture and name, were also present.
The research paper, from Duo Security, said that “a 3 tiered botnet structure” existed, and that it consisted “of the scam publishing bots, the hub accounts (if any) the bots were following, and the amplification bots that like each created tweet”.
More generally, the real Elon Musk himself does have a passing interest in the Bitcoin world. However, he is not believed to be a large-scale investor.
Earlier this year, he said that he’d been given 0.25 bitcoins – and that that was all he had. In a tweet he published, he said he owns “zero cryptocurrency, apart from .25 BTC that a friend sent me many years ago”.