Follow Elon Musk on Twitter? You might be pre-screened by scammers looking to scam new Elon subscribers.

New Musk followers are added to a “Deal of the Year” list on Twitter that tricks them into depositing small amounts of crypto into attackers’ wallets with the bogus promise of receiving up to 5,000 Bitcoin in return.

Fake Elon: ‘1000 new subscribers’ get ‘5000 BTC’

Twitter accounts following Elon Musk, Tesla, SpaceX and related accounts are being targeted in a crypto scam called “Freedom Giveaway”, BleepingComputer has discovered.

I gave @Elon Musk follow today to keep up to date with news from Twitter. A few hours later, I received this mysterious notification:

Suspicious notification targeting new Elon Musk subscribers
Suspicious notification targeting new Elon Musk subscribers (Computer Beep)

A pseudonymous account with the Twitter logo set as the profile picture had added me to a Twitter list called “Deal of the Year”.

For most Twitter accounts, including Musk’s, the list of their followers is public and can be monitored by anyone including bots and malicious actors for nefarious purposes.

On mobile, this is what the “Deal of the Year” list looks like:

List of Twitter Deal of the Year Scams
Twitter “Deal of the Year” list is a scam (Computer Beep)

To date, the list has 155 members added by its admin (the threat actor), and these accounts, when reviewed by BleepingComputer, were seen after Elon Musk, Tesla, SpaceX and related organizations on Twitter.

Notice the header image at the top.

The banner appears to be a real tweet from Elon Musk’s official account promising free crypto to randomly chosen “1000 new followers”.

That is until you notice the real username behind the scam account i.e. ‘@CroweYoshiko’ placed just below the listing name, ‘Deal of the Year’ with its profile photo (Twitter logo) which gives it some credibility.

The advertised URL, FreedomGiveaway.net is also compelling, given that Mr. Musk is a self-proclaimed free speech absolutist, frequently tweets about “freedom” of speech [1, 2]and took controversial steps to steer Twitter in that direction.

The fake quiz asks you for the BTC address

On the Freedomgiveaway.net website, users are greeted with a prompt to confirm they are “over 18” and are further presented with fake quiz questions about Tesla, StarLink and Musk. The answers to these questions are largely common knowledge.

fake quiz
Fake quiz presented by ‘Freedom Giveaway’ website (Computer Beep)

Upon answering 3-4 questions correctly or incorrectly, users are presented with a screen asking them to enter their Bitcoin wallet address. Whether you select Ethereum, Bitcoin, Binance Coin or “I don’t use cryptocurrency”, the website will always ask you for a BTC address.

The website promises that your wallet will be credited with 5,000 BTC, but first you need to deposit a small amount, from 0.02 BTC to 1 BTC.

The false pretense is that the amount sent by the unsuspecting victim will be “multiplied” 5-10 times, with the large sum credited back to the victim’s wallet.

‘Freedom Giveaway’ asks for your Bitcoin (BTC) wallet address (Computer Beep)

The Bitcoin address announced by the attacker is:

As with any crypto distribution scam, the victim ends up sending the funds to the attacker’s wallet but never receives any amount in return.

A September report from cybersecurity firm Group-IB revealed the number of crypto giveaway scam domains had tripled this year.

In May, an investigation by McAfee and BleepingComputer revealed that fake crypto giveaways had millions stolen from victims by repurposing Elon Musk’s YouTube Ark Invest videos to lure victims to fake, fraudulent domains.

At the time of this writing, the wallet used by the “Freedom Giveaway” scam shows a balance of $0.00 indicating that no one has yet fallen for the scam. But the scam may be too recent, and given some of its compelling evidence, BleepingComputer believes the scam warning is in the public interest.

Twitter accounts that follow famous personalities should be wary of suspicious messages and notifications coming their way.





Source link