When you shouldn't even believe the verification check mark.
The official Microsoft India account on the social network X with more than 211,000 subscribers was hacked by cryptocurrency scammers who pretended to be Roaring Kitty-the nickname of the famous stock trader Keith Gill.
The Microsoft X account in India has a gold check mark, which is assigned to the official accounts of companies, which gives publications more trust among subscribers. Attackers are taking advantage of Gill's recent comeback to lure potential victims and steal their cryptocurrency.
Criminals are using a hacked Microsoft India account to respond to fake tweets, luring the company's followers and others to a malicious website (presaIe-roaringkitty[.] com) that offers to buy GameStop cryptocurrency (GME) as part of a pre-sale.
Phishing site interface
When the victim connects their crypto wallet to the site, the attackers gain access to it and steal the cryptocurrency.
Many bot accounts also retweet the hacked account's tweets — a tactic designed to artificially increase the reach of malicious messages and trap even more victims.
The hacked account corresponds to fake accounts
At the moment, some of the fake accounts have already been blocked. The scale of the campaign and the damage are not known.
In recent months, X users have been exposed to a massive wave of account hacks, which has led to verified organizations falling victim to hacking attacks that contribute to cryptocurrency fraud and wallet theft.
In January, the US Securities and Exchange Commission (SEC) account on the X platform was hacked. Unknown attackers used it to publish false information about the commission's approval of the listing of Bitcoin funds (Bitcoin ETFs).
The official Microsoft India account on the social network X with more than 211,000 subscribers was hacked by cryptocurrency scammers who pretended to be Roaring Kitty-the nickname of the famous stock trader Keith Gill.
The Microsoft X account in India has a gold check mark, which is assigned to the official accounts of companies, which gives publications more trust among subscribers. Attackers are taking advantage of Gill's recent comeback to lure potential victims and steal their cryptocurrency.
Criminals are using a hacked Microsoft India account to respond to fake tweets, luring the company's followers and others to a malicious website (presaIe-roaringkitty[.] com) that offers to buy GameStop cryptocurrency (GME) as part of a pre-sale.
Phishing site interface
When the victim connects their crypto wallet to the site, the attackers gain access to it and steal the cryptocurrency.
Many bot accounts also retweet the hacked account's tweets — a tactic designed to artificially increase the reach of malicious messages and trap even more victims.
The hacked account corresponds to fake accounts
At the moment, some of the fake accounts have already been blocked. The scale of the campaign and the damage are not known.
In recent months, X users have been exposed to a massive wave of account hacks, which has led to verified organizations falling victim to hacking attacks that contribute to cryptocurrency fraud and wallet theft.
In January, the US Securities and Exchange Commission (SEC) account on the X platform was hacked. Unknown attackers used it to publish false information about the commission's approval of the listing of Bitcoin funds (Bitcoin ETFs).
