In a startling incident, hackers have resorted to a new modus operandi by impersonating crypto news journalists to carry out a heist. By leveraging the trust associated with reputable news sources, these cybercriminals managed to deceive unsuspecting victims and successfully make off with a staggering $3 million.
A hacking group called ‘Pink Drainer’ has been impersonating journalists in phishing attacks in order to compromise Discord and Twitter accounts and steal cryptocurrency from 1,932 victims. Additionally, according to the report, the hacking group utilizes social engineering techniques to compromise accounts. This involves the threat actors impersonating journalists affiliated with well-known media outlets like Cointelegraph and Decrypt, engaging in fraudulent interviews with unsuspecting victims.
Once the threat actors have gained the trust of their targets, they inform them of the requirement to undergo a KYC (know your customer) validation process to verify their identity. To carry out this deception, the threat actors direct the victims to websites specifically designed to pilfer Discord authentication tokens.
These fraudulent websites assume the guise of malicious bots, such as the Carl verification bot, and provide instructions to users. The victims are instructed to add bookmarks that seemingly contain harmless JavaScript code by dragging them onto a designated “Drag Me” button present on the deceptive webpage.
Since June 2nd, Atomic Wallet, a popular mobile and desktop crypto wallet that enables users to store a wide range of cryptocurrencies, has been the victim of a security breach. As a result, they have suffered a significant loss of over $35 million worth of crypto assets. ZachXBT, an on-chain investigator, has been collecting transactions of funds stolen from Atomic Wallet victims and claimed that over $35 million in cryptocurrency has been stolen as a result of this compromise.
The incident involving hackers impersonating crypto news journalists and stealing $3 million serves as a wake-up call for both individuals and organizations operating in the crypto space. As the digital landscape expands, it is imperative to remain vigilant, exercise caution, and stay informed to protect ourselves from such malicious schemes.