The official Twitter account of Microsoft India, which has over 211,000 followers and carries a gold checkmark denoting its verified status, was hijacked and used to run cryptocurrency scams. Exploiting the prominence of the account, the scammers impersonated Roaring Kitty, the handle of the infamous meme stock trader Keith Gill, to lend credibility to their fraud. Leveraging Gill’s recent resurgence in popularity, the threat actors enticed unsuspecting users with promises of GameStop (GME) crypto as part of a presale, directing them to a malicious website hosting cryptocurrency wallet drainer malware.
The hackers used Microsoft India’s compromised account to engage with users, replying to tweets and enticing followers to visit the fraudulent website. The phishing site, presaIe-roaringkitty[.]com, purported to offer access to exclusive cryptocurrency offerings, but in reality it was a trap designed to siphon assets from unwitting victims. The scammers also used various tactics, including amplifying malicious posts through retweets from bot accounts, to extend the reach of their fraudulent activities and ensnare a larger pool of victims.
This incident underscores the growing threat to social media platforms, where verified accounts are increasingly targeted by malicious actors seeking to propagate cryptocurrency scams and distribute malware. Microsoft India’s compromised account is a stark reminder of the importance of robust cybersecurity measures, including two-factor authentication (2FA) and heightened vigilance, to thwart such attacks and keep users from falling victim to fraudulent schemes. As cryptocurrency-related scams continue to proliferate across social media platforms, users must exercise caution and skepticism when engaging with online content, particularly offers promising lucrative returns or exclusive opportunities, to mitigate the risk of financial loss and data compromise.