Hackers hijack govt and business accounts on X for crypto scams

January 4, 2024 at 01:40PM

Verified X (formerly Twitter) accounts with ‘gold’ and ‘grey’ checkmarks, including accounts of government, business, and official organizations, are increasingly targeted by hackers for cryptocurrency scams. A CloudSEK report shows compromised accounts sold on a black market for $1,200-$2,000, with hackers also offering to affiliate scam accounts to verified gold accounts for $500.

Key Takeaways:

1. Verified accounts on X (formerly Twitter) marked with ‘gold’ and ‘grey’ checkmarks, belonging to government and business profiles, are being increasingly targeted by hackers to promote cryptocurrency scams.

2. Hackers are hijacking verified accounts, such as the recent incident involving the account of cyber threat intelligence company Mandiant, to distribute fake airdrops and drain cryptocurrency wallets.

3. MalwareHunterTeam has reported several instances of compromised “gold” and “grey” accounts, including those of Canadian senator Amina Gerba, nonprofit consortium ‘The Green Grid,’ and Brazilian politician Ubiratan Sanderson, within the past few days.

4. Gold checkmarks indicate official organizations/companies, while grey badges mark government organizations or officials. These accounts must meet specific eligibility requirements.

5. Verified accounts are considered more reliable because the checkmarks act as “identity signals” that inspire credibility and trust.

6. CloudSEK’s report highlights the emergence of a black market where hackers sell compromised gold and grey accounts for prices ranging from $1,200 to $2,000.

7. Sellers are offering the option to add scam accounts as affiliates to the verified gold accounts for an additional $500, providing them with credibility without undergoing the rigorous verification process from the platform.

8. Threat actors on dark web markets and Telegram also work with compromised dormant corporate accounts that can be converted into “gold” profiles by the buyer.

9. CloudSEK observed six sales of such accounts in a month, one of which had been dormant since 2016, had 28,000 followers, and was advertised for $2,500.

10. Recommendations include closing dormant accounts that have been inactive for a prolonged period, reviewing security settings, and activating two-factor authentication, as well as checking connected apps and active sessions on other devices.
