On June 2, a series of cautions telling users not to click on a link provided on the Twitter account of Mira Murati, the chief technical officer of artificial intelligence company OpenAI, concerned the crypto community on Twitter. The marketing of a phoney bitcoin airdrop seemed to be the result of Murati’s account being compromised. The event has sparked worries about the safety of prominent people and the possible dangers of phishing scams.
The verified Twitter account of Mira Murati, which has over 126,000 followers, posted a tweet announcing an airdrop of the purported ERC-20 token OPENAI. The tweet included a link that sent viewers to a website that, with a few small changes, mimicked the look and feel of a real project named ChatGPT. Users were invited to connect their cryptocurrency wallets on the website, which served as a clever front for a potential scam.
According to a security researcher from blockchain security firm Beosin, the fraudulent website utilized a crypto wallet draining kit, enticing visitors to sign requests. Once a user signed the request, the attacker gained access to their wallet and proceeded to transfer NFTs and ERC-20 tokens out of the victim’s account. This type of attack is commonly known as a SIM-swapping attack, where the attacker convinces the victim’s mobile carrier to transfer their phone number to a new SIM card under the attacker’s control.
Crypto Twitter was rapidly inundated with alerts from watchful users who discovered the fraud and warned others to stay away from the phoney link. Given the stature and importance of Murati’s account, it is alarming that the tweet was deleted just a little over an hour after receiving 79,600 views and 83 retweets. The incident serves as a reminder of the necessity of cybersecurity precautions, especially for prominent figures in the bitcoin and technology industries.
Some Twitter users conjectured that Murati might have been the victim of an identity theft scheme known as a SIM-swapping attack. In these types of attacks, hackers take advantage of lax security measures put in place by mobile carriers to seize the victim’s phone number, get through two-factor authentication (2FA), and access a variety of internet accounts connected to that phone number without authorization. This hypothesis highlights the continuing hazards that anyone working in the cryptocurrency business faces, even if it is still unknown how the account was compromised.
According to a vulnerability researcher from blockchain security company Beosin, the website “lures visitors into signing requests” by using a draining kit for cryptocurrency wallets that is readily available. “Once the request is signed, the attacker will transfer NFTs and ERC-20 tokens out of the victim’s wallet,” the researcher for Beosin continued.
A strong reminder of the security hazards present in the cryptocurrency sector was provided by the hacking of Mira Murati’s Twitter account and the subsequent advertising of a phoney Bitcoin airdrop. The significance of putting strong security measures in place, including multi-factor authentication and strong passwords, to protect online accounts is highlighted by this occurrence. Additionally, it emphasizes the necessity of ongoing awareness and attention within the cryptocurrency ecosystem to avoid falling prey to fraud and phishing attempts.