Hackers are advancing cryptocurrency scams by taking control of verified X accounts belonging to governments and businesses


Hackers are currently targeting verified accounts on X (formerly Twitter), particularly government and business profiles, which are identifiable by gold and grey verification badges. The primary goal is to compromise these accounts and use them to promote cryptocurrency scams, phishing sites, and platforms with crypto-drain features, as noted by Bleeping Computer. According to a recent report from CloudSEK, a new black market has emerged in which hackers trade compromised X accounts bearing gold and grey badges, at prices ranging from $1,200 to $2,000.

A noteworthy incident involves the X account of Mandiant, a cybersecurity intelligence firm under Google, which was unlawfully accessed. This breach resulted in the dissemination of a fraudulent airdrop that led to the depletion of cryptocurrency wallets.

Earlier this week, Mandiant’s X account was used to promote a site featuring a crypto drainer, malicious software that targets cryptocurrency wallets. It deceives users into approving harmful transactions, allowing the drainer to steal their funds. The hack underscores ongoing concerns about X’s verification model since Elon Musk’s takeover and points to a shift in how trusted accounts are associated with verification badges.

Under the new subscription model, X has three types of check marks—blue, grey, and gold. A gold checkmark signifies an official organization or company, while the grey badge is reserved for profiles representing government organizations or officials. Both types of accounts must meet specific eligibility criteria. In contrast, blue checks are granted to users with an X Premium subscription.

While blue ticks can now be purchased, gold and grey badges are considered more trustworthy, and content from these accounts is generally deemed more reliable. Paradoxically, despite X’s efforts to increase the cost and complexity of impersonation and scams through the verification and subscription system, gold and grey badge accounts have become targets for hackers and valuable assets for cybercriminals.

In some instances, hackers gaining control of these accounts employ tactics such as locking out genuine owners, opting for a 30-day gold subscription, and subsequently transferring ownership to new individuals. Certain sellers even offer the option to include scam accounts as affiliates to verified gold accounts for a fee of $500. This approach provides credibility without undergoing the more stringent verification procedures imposed by the social media platform.
