Hackers took over the official MicroStrategy X account and uploaded a series of malicious links to a fake airdrop for the so-called Ethereum-based $MSTR token. MicroStrategy’s X account has been compromised, with malicious links pointing to a bogus airdrop of an “official” Ethereum-based MSTR token.
When a user clicks on the link, they are directed to a fraudulent MicroStrategy website where they are urged to connect a wallet and claim the counterfeit $MSTR airdrop. Once users accept a set of rights in their Web3 wallet, it is acknowledged that attackers can automatically drain the tokens from the user’s wallet.
According to independent blockchain investigator ZachXBT and anti-scam site Scam Sniffer, the scam has already resulted in losses of over $440,000.
0xe7645b8672b28a17dd0d650a5bf89539c9aa28da
— ZachXBT (@zachxbt) February 26, 2024
~$440K stolen from the compromise so far
Scam At 12:43 a.m. UTC, barely a few minutes after the initial fraudulent link was uploaded to MicroStrategy’s account on X, Sniffer reported that only one user had lost almost $420,000 due to the phishing scam.
someone lost $424,786 worth of $wBAI, $wPOKT, and $CHEX to phishing scams about 5 minutes ago. pic.twitter.com/GEJvHEXuM7
— Scam Sniffer | Web3 Anti-Scam (@realScamSniffer) February 26, 2024
The unnamed victim lost a total of $424,786 in altcoins, with one transfer going to the MicroStrategy attacker and the other two being automatically sent to a second wallet affiliated with the notorious hacking gang PinkDrainer.
The unknown victim signed a transaction in which $134,000 in wBAI, $122,000 in CHEX, and $45,000 in wPOKT were sent to the attacker’s wallet address.
According to Ethereum DeBank, the MicroStrategy attacker’s wallet address currently contains $329,000 in Ethereum-based tokens. Crypto industry experts were quick to point out the scam’s obvious nature, with the pseudonymous British crypto investor Cobie nothing that MicroStrategy, a corporation only focused on Bitcoin, would almost certainly not issue a token on Ethereum.