- SlowMist analysts examined social network X for malicious content.
- More than 80% of comments under posts of well-known projects lead to sites with phishing software.
- Fraudsters buy social network accounts, which are often focused on the crypto industry.
Cybersecurity company SlowMist analyzed social network X (formerly Twitter) for malicious content. Experts have found that over 80% of comments under publications of well-known projects are related to phishing software.
The report states that scammers are actively purchasing X accounts to use for their own purposes. They are sold in the Telegram messenger, where there is a whole market for this category of clients, experts say.
Preparation and implementation
Attackers are offered a wide selection of accounts, including accounts similar to the profiles of well-known crypto projects. Such a “product” may have a different number of subscribers and a long date of registration on the platform.
After purchasing an account, scammers use advertising tools to increase trust on the social network. With their help, they increase the number of subscribers, likes and promote their profile on site X. Experts note that such services are offered not by the platform itself, but by third-party services, which often accept payment in crypto assets.
Next, the attackers disguise the profile as an existing project and involve bots that monitor the publications of the original account. As soon as a new post appears on the company’s account, the scammer’s product comments on it. As a result, the user gets the impression that the post is related to the previous publication.
Analysts have found that the vast majority of such comments are related to cryptocurrency projects. The links attached to them lead to sites with phishing software that allows you to steal user assets.
Using the MistTrack tool, analysts were able to track some addresses associated with scammers. Experts note that attackers often create an entire network to distribute malicious links.
SlowMist representatives have compiled a list of recommendations that allow you to avoid criminal schemes. Among them are the following tips:
- Installation and optimization of plugins to combat malicious content. Analysts note that 90% of NFT phishing scams involve fake domains. For this reason, plugins that quickly identify fake addresses significantly reduce the risk of losing assets.
- Enabling all security features provided by the crypto wallet provider company. In addition, it is necessary to study in detail any transactions associated with your address before approving them, SlowMist reminds.
- Developing personal safety awareness. Analysts consider this point to be one of the key ones, since auxiliary services and plugins are only assistance tools. The main obstacle on the path of attackers is the user himself and his attentive attitude to any content with which he interacts, experts say.
Let us remind you that we wrote that the Somesing blockchain platform suffered from a hacker attack worth about $11.5 million.