As a seasoned cybersecurity researcher with over two decades of experience under my belt, I must say that the recent string of crypto scams targeting high-profile entities like OpenAI and Decentraland is a stark reminder of the ever-evolving landscape of digital threats. It seems that no matter how sophisticated our defenses become, these cybercriminals always manage to find new ways to infiltrate systems and exploit vulnerabilities.
Crypto scammers took over OpenAI’s press account to post phishing links that targeted OpenAI users.
On September 23, someone unauthorized took control of OpenAI’s official press account on X and used it to advertise a questionable link that appeared to be a phishing attempt. OpenAI, as the creator of ChatGPT, has not publicly confirmed this security incident.
It appears an unauthorized individual has managed to get control over the official OpenAI Newsroom X account. This incident marks the fourth such breach of an OpenAI account in the last 15 months.
— Smoke-away (@SmokeAwayyy) September 23, 2024
Individuals responsible for the hack are endorsing a digital asset known as “OPENAI,” stating that this token aims to merge the realms of blockchain technology and artificial intelligence.
The messages deceived users into believing they could secure a share of the tokens’ total amount, granting them entry to the platform’s upcoming beta tests and tempting them to follow a fraudulent link directing them to a site that had been flagged as suspicious.
In order to make it seem genuine and avoid alerting cautious users, the cybercriminals silenced comment sections on the fraudulent posts, posting a message instead: “Comments are temporarily disabled due to suspicious links. Best of luck to everyone!
One user on X claimed the fake website was designed to mimic the OpenAI branding and looked legitimate at first glance. However, when clicking the OpenAI logo, a prompt would ask visitors to connect their wallets.
When people link their digital wallets to a deceitful site, they unknowingly approve a sham transaction. While this transaction may seem genuine, it actually hands over control of the user’s resources to the attacker, allowing them to empty the wallet by withdrawing all its funds.
Since 2021, ‘approval scams,’ as they’re known, have caused approximately $2.7 billion in damages, as reported by Chainalysis.
Unfortunately, similar attacks have targeted OpenAI execs on multiple occasions.
Most recently, OpenAI researcher Jason Wei’s account was hacked to promote the same phishing scheme, with the attackers previously targeting OpenAI’s Chief Scientist, Jakub Pachocki. Last year, OpenAI CTO Mira Murati also faced a similar breach in June 2023.
Last week, I came across an unfortunate incident similar to what’s been reported by crypto.news involving Decentraland, a virtual reality-focused project. Scammers capitalized on the platform by falsely advertising a fake airdrop of its native token. Their intention was to deceive users into linking their wallets and approving transactions that were actually malicious in nature.
Although all the previously mentioned assaults seem connected, it remains unclear whether the same set of perpetrators is involved.
Read More
Sorry. No data so far.
2024-09-24 12:34