Elon Musk-themed cryptocurrency scam uses fake Medium as the promotion site

It seems we’re never short of Bitcoin scams banking on the popularity of Elon Musk. Here’s another one of them. The post Elon Musk-themed cryptocurrency scam uses fake Medium as the promotion site appeared first on Malwarebytes Labs.

Malwarebytes

So Elon Musk is buying Twitter, and you can be sure that scammers are making the most of this news.

As Elon Musk spends most of the week in the headlines, Elon Musk-themed scams pop up, and it looks like they may be ramping up.

We witnessed a flurry of replies from the man himself in response to someone making a comment.

“Oh. Wait a minute….”

Sadly, it isn’t him but rather an army of bots, all bearing the same current profile picture of the Tesla CEO as his official Twitter account.

All of the URLs in their responses are shortened. No matter which one a user clicks, they all lead to the same website. You may be surprised when you see what it is.

“Wait a minute…!”

Musk must have taken the leap into longform blogging and is now a Medium author. He’s also off to a flying start with fewer than 5,326 claps on his first post. However, pulling at the page threads reveals more than the creator may have been bargaining for.

The page claims that Musk is doing an “official” ETH (Ethereum) and BTC (Bitcoin) giveaway. This giveaway aims to hand out a significant amount of BTC, ETH, and DOGE (Dogecoin) to winning participants. Appealing, if you’re a big cryptocurrency user.

Everything about the page is intended to convince the visitor that it’s all genuine, down to the numerous comments from “Medium users” saying they received their funds.

Comments from supposed giveaway participants. All are, of course, fake.

We checked all of the profiles in the replies. With one exception—an account seemingly posting spam blogs—all of them lead to the official Medium front page, 404 pages, or suspended profiles.

This isn’t very reassuring. When we checked out the three links for the “giveaways,” it got worse. Here’s a familiar face:

Tesla 100 000 ETH Giveaway!

To verify your address, just send from 0.5 to 100 ETH to the address below and get from 5 to 1000 ETH back!

Regular readers will recognize this design, as it’s similar to the landing page we covered concerning a fictional space marathon Tesla giveaway.

While this setup throws ETH and DOGE into the mix, it’s notable that the maximum donation suggested through BTC has increased. In contrast, the fake marathon giveaway asked visitors to send between 0.02 and 1 BTC.

Donations via DOGE and ETH coins are no joke either. For the former, it asks for amounts between 2,000 and 100,000 DOGE coins, hoping to get 20,000 to 1,000,000 back. That’s worth $276 to $13,801, with participants wishing to receive between $2,769 and $13,846 (based on rates at time of writing).

For the latter, it asks for between 0.5 and 100 ETH coins with a promised return of 5 to 1,000 ETH. That’s between $1,425 and $285,045 with a significant return of $14,252 to an extraordinary $2,850,458 (based on rates at time of writing).
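As an added example (not from the original article or from Malwarebytes), here is a minimal content-filter heuristic for the lure wording quoted above: it parses the "send" and "get back" ranges and flags text that promises a multiple back in the same coin. The function name, the 2x threshold, and the second and third sample strings are assumptions constructed for illustration.

```python
import re

# Matches lure wording like the landing-page text quoted in this article:
#   "send from 0.5 to 100 ETH ... and get from 5 to 1000 ETH back"
NUM = r"(\d[\d,]*(?:\.\d+)?)"
RANGE = rf"(?:from\s+|between\s+)?{NUM}\s*(?:to|and|-)\s*{NUM}\s*(BTC|ETH|DOGE)\b"
LURE = re.compile(
    rf"send\s+{RANGE}.{{0,120}}?(?:get|receive)\s+{RANGE}",
    re.IGNORECASE | re.DOTALL,
)

def _num(s):
    return float(s.replace(",", ""))

def find_giveaway_lures(text, min_multiplier=2.0):
    """Return one finding per 'send X, get a multiple of X back' promise."""
    findings = []
    for m in LURE.finditer(text):
        lo_in, hi_in, coin_in, lo_out, hi_out, coin_out = m.groups()
        if coin_in.upper() != coin_out.upper():
            continue  # different coins: not the doubling pattern
        send_lo, send_hi = _num(lo_in), _num(hi_in)
        back_lo, back_hi = _num(lo_out), _num(hi_out)
        if send_lo <= 0 or send_hi <= 0:
            continue
        multiplier = min(back_lo / send_lo, back_hi / send_hi)
        if multiplier >= min_multiplier:
            findings.append({"coin": coin_in.upper(), "send": (send_lo, send_hi),
                             "promised": (back_lo, back_hi), "multiplier": multiplier})
    return findings

PAGE_LURE = ("To verify your address, just send from 0.5 to 100 ETH to the "
             "address below and get from 5 to 1000 ETH back!")
# Constructed samples (assumptions): a DOGE variant using the amounts reported
# in the article, and a benign notice with ranges but no promised gain.
DOGE_LURE = "Send between 2,000 and 100,000 DOGE and receive 20,000 to 1,000,000 DOGE back"
BENIGN = "You can send from 0.01 to 5 BTC per transfer and receive from 0.01 to 5 BTC."

if __name__ == "__main__":
    for sample in (PAGE_LURE, DOGE_LURE, BENIGN):
        print(find_giveaway_lures(sample) or "no lure found")
```

A match is a signal for review, not proof: the pattern only covers this template's wording, and scammers can rephrase it.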

We don’t know if whoever runs these sites is also responsible for the space marathon, but the giveaway page seems easy to reuse as a template. Scammers on this one appear to be a lot more ambitious than the space marathon people ever were.

The BTC address is flagged across several spam or warning databases. One report is particularly interesting: it claims the address was involved in ransomware and appears to be from a victim who claims to have recovered their money in “less than 48 hours”.

The report says:

Good work deserves recommendation... i lost over 2.3 BTC on Instagram bitcoin scam.. Right about 2 weeks after my ordeal with them I tried using the recommendation from someone on one of the comment section {redacted}. I was able to get all my money back in less than 48 hours. Contact {redacted} to recover all your stolen bitcoins free of charge.

Visiting the URL in the comment opens a non-HTTPS site claiming it is the Internet Crime Complaint Center (IC3), asking visitors to submit their name, address, phone number, email, transaction date, and “proof of payment”.

Don’t be fooled. This is just one of the many faces of a recovery scam.

If you’ve lost funds to the relevant BTC address, we suggest contacting the official IC3 site or the closest equivalent in your region. As for the many, many Elon Musk-themed Bitcoin giveaways, we advise you to ignore them.

What’s noticeable with these is that the scammers are creative in their ways to get you on board. These aren’t effort-free generic sites, and they’re just off the wall enough to make Elon Musk fans think they’re the real deal.

Stay vigilant, and stay safe!
