A widespread scam pretending to be from Elon Musk and utilizing a stream of hacked Twitter accounts and fake giveaway sites has earned scammers over 28 bitcoins or approximately $180,000 in a single day.
This scam is being pulled off by attackers hacking into verified Twitter accounts and then changing the profile name to "Elon Musk". They then tweet out that he, being Elon, is creating the biggest crypto-giveaway of 10,000 bitcoins.
"I'm giving 10 000 Bitcoin (BTC) to all community!
I left the post of director of Tesla, thank you all for your support!
I decided to make the biggest crypto-giveaway in the world, for all my readers who use Bitcoin."
Even worse, these posts are being promoted through Twitter advertising in order to give them wider visibility and to add legitimacy.
The sites that these fake profiles are promoting include musk[.]plus, musk[.]fund, and spacex[.]plus, which state that all a user has to do is send .1 or 3 BTC to the listen address in order to get 1-30 times in bitcoins back.
"To verify your address, send from 0.1 to 3 BTC to the address below and get from 1 to 30 BTC back!
BONUS: Addresses with 0.30 BTC or more sent, gets additional +200% back!
You can send BTC to the following address.
Waiting for your payment...
As soon as we receive your transaction, the outgoing transaction will be processed to your address."
The sickening part is that in a single day, these scammers have received 392 transactions to the bitcoin address 1KAGE12gtYVfizicQSDQmnPHYfA29bu8Da for a total of 28 bitcoins or approximately $180,000 USD.
To help perpetuate the scam, the attackers hacked into official government Twitter accounts such as the Ministry of Transportation of Colombia and the National Disaster Management Authority of India. These accounts were then used to promote the scam by stating that they sent bitcoins and received more coins back.
When BleepingComputer contacted Twitter regarding this scam, we were given this statement by a Twitter spokesperson:
"We don’t comment on individual accounts for privacy and security reasons. Impersonating another individual to deceive users is a clear violation of the Twitter Rules. Twitter has also substantially improved how we tackle cryptocurrency scams on the platform. In recent weeks, user impressions have fallen by a multiple of 10 in recent weeks as we continue to invest in more proactive tools to detect spammy and malicious activity. This is a significant improvement on previous action rates."