Attackers have taken over the official X account for MicroStrategy account, posting a series of malicious links to a fake airdrop for a nefarious $MSTR token.
Business intelligence firm MicroStrategy’s X account has been hacked, posting several malicious links to claim a fake airdrop of a nefarious $MSTR token to its nearly 200,000 followers.
Once a user clicks on the link they are directed to a copycat MicroStrategy webpage which directs them to connect a wallet and claim the fake $MSTR airdrop. Once users accept a series of permissions in their Web3 wallet, the attackers can automatically drain the tokens out of the user’s wallet.
According to independent blockchain sleuth ZachXBT and anti-scam platform Scam Sniffer, losses incurred from the scam have already tallied over $440,000.
there was a second best after all
(hacked acc if not obvious lol) pic.twitter.com/cdLqbqiiCO
— Spreek (@spreekaway) February 26, 2024
Scam Sniffer, an unknown user lost approximately $440,000 to a phishing scam approximately 1 hour ago.
someone lost $424,786 worth of $wBAI, $wPOKT, and $CHEX to phishing scams about 5 minutes ago. pic.twitter.com/GEJvHEXuM7
— Scam Sniffer | Web3 Anti-Scam (@realScamSniffer) February 26, 2024
The time of the attack and the holdings of the attacker’s wallet address match up, suggesting the unknown user fell victim to the MicroStrategy drainer.