今天�,MicroStrategy 的個(gè)人資料 X(以前稱為 Twitter)遭到駭客攻擊,並宣傳了假想的空投欺詐性加密代幣�����。
畢竟還有第二個(gè)最好的
(如果不明顯的話��,就被駭客攻擊了��,哈哈)pic.twitter.com/cdLqbqiiCO
- Spreek (@spreekaway) 2024 年 2 月 26 日
這條有罪的推文很快就被刪除了�,可能是因?yàn)樗麄兒芸煲庾R(shí)到這一點(diǎn)並且能夠及時(shí)幹預(yù)。
這條推文在美國(guó)發(fā)佈時(shí)是周日晚上���,所以乾預(yù)確實(shí)很快����。
詐騙加密貨幣和 MicroStrategy Twitter 個(gè)人資料遭到駭客攻擊 (X)
該騙局代幣名為 MSTR�,與 MicroStrategy 的股票代碼完全匹配。
駭客發(fā)布的推文稱 MSTR 是完全整合到 MicroStrategy 生態(tài)系統(tǒng)中的以太坊代幣����,但這顯然是一個(gè)謊言。
該推文中包含的另一個(gè)巨大謊言是 MSTR 將得到 MicroStrategy 及其比特幣儲(chǔ)備的支援�。
名為 MSTR 的加密代幣實(shí)際上存在�,但它是 Monsterra 專案 BSC 上的 BEP20 代幣����。
值得注意的是,該詐欺推文上線的時(shí)間太短��,以至於 MSTR 的價(jià)格幾乎沒有時(shí)間做出反應(yīng)�。
事實(shí)上,它的市值僅從 66 美分升至 68 美分�,在被駭客攻擊的消息發(fā)布後又回到了 66 美分。
畢竟����,這則推文顯然是欺詐性的,也因?yàn)橄?MicroStrategy 這樣的上市公司透過空投公開贈(zèng)送用自己的 BTC 抵押的代幣是沒有意義的����。
Monsterra 代幣可能與此詐騙嘗試無關(guān),也是因?yàn)?MSTR 這個(gè)名稱的選擇與證券交易所上 MicroStrategy 股票的股票代碼相關(guān)�。
該騙局包括說服用戶點(diǎn)擊駭客發(fā)布的鏈接�,假裝是他們可以請(qǐng)求接收透過虛假空投分發(fā)的代幣的網(wǎng)頁。
該連結(jié)指向一個(gè)網(wǎng)域?yàn)?microstralegy.com 的網(wǎng)站��,其中 L 而不是 T���。事實(shí)上���,MicroStrategy 官方網(wǎng)站的正確網(wǎng)域是 microstrategy.com��。
Monsterra 真正的 MSTR 代幣於 2022 年 8 月熊市期間首次在加密市場(chǎng)首次亮相����,價(jià)格為千分之 287 美元����,此後其價(jià)格除了下跌之外幾乎沒有任何變化。
總體而言�����,它的市值不到80萬美元��。
騙局的影響
儘管如此����,總價(jià)值超過 40 萬美元的加密貨幣資金似乎仍以這種方式被盜。
0xe7645b8672b28a17dd0d650a5bf89539c9aa28da
迄今從妥協(xié)中竊取了約 44 萬美元
- ZachXBT (@zachxbt) 2024 年 2 月 26 日
事實(shí)上��,詐騙者向其發(fā)送承諾偽造 MSTR 代幣交換的 ETH 的公共以太坊地址是已知的�����,並且多個(gè)代幣已被發(fā)送到該地址,不同的代幣���。
So despite the fraudulent tweet being quickly removed by MicroStrategy, and despite it being obvious that it was a scam, the hackers still managed to cash in a good loot due to ignorance and naivety.
Unfortunately, in the crypto markets there are many inexperienced or overly naive people who are easily convinced with grand promises to hand over their funds to scammers.
Twitter: MicroStrategy’s reaction to the crypto hack
For now, the company has simply intervened by removing the fraudulent tweet.
Being a publicly traded company, and the event happening on Sunday evening, it is likely that we will have to wait until Monday morning before they can thoroughly analyze what happened and let us know what happened.
During the day, it is hoped that they will publish on the same profile X how it was hacked, and how they have decided to protect it.
It is not the first time that something like this has happened, so much so that last month hackers even managed to access the official SEC profile.
Usually these hacks exploit a technique called SIM swap which allows to simulate the possession of the user’s phone number in order to receive an SMS for password recovery or access to the profile. In these cases it would be better to activate two-factor authentication, in order to reduce the risk that a single SMS is enough to penetrate the profile.
Crypto scams
Crypto scams are numerous, and essentially they always rely on the concept of convincing the naive to voluntarily send their funds to scammers by convincing them with lies, as in this case.
Unfortunately, when such lies are published on websites or official social profiles, it becomes much more difficult to recognize them.
The most emblematic case in this sense is precisely that of January, when hackers published false news on the official SEC X profile about the approval of Bitcoin spot ETFs, just the day before the real approval arrived.
In that case, the only way to recognize the lie was the linguistic style used in the tweet, which evidently did not fit at all with the institutional one of the SEC.
Instead, in the case of MicroStrategy it was much simpler, because it is impossible to imagine that the company had decided to give away tokens collateralized with their Bitcoin.
