MicroStrategy’s X account breached, promoting fraudulent Ethereum token phishing scam

The X account of the business intelligence firm MicroStrategy has been breached, resulting in the posting of harmful links related to a fake airdrop of the supposed “official” Ethereum-based MSTR token.


The malicious links started appearing on MicroStrategy’s account on February 25. Source: X
When a user clicks on the link, they are redirected to a counterfeit MicroStrategy webpage that prompts them to connect a wallet and claim the fake MSTR airdrop. Once the user grants a series of permissions in their Web3 wallet, it is believed that the attackers can automatically drain the tokens from the user’s wallet.
According to blockchain investigator ZachXBT and anti-scam platform Scam Sniffer, the losses resulting from the scam have already exceeded $440,000.
Scam Sniffer reported that a single user lost over $420,000 to the phishing scam at approximately 12:43 am UTC, just a few minutes after the first malicious link was posted on MicroStrategy’s X account.
The unidentified user lost a total of $424,786 worth of altcoins, with one transfer going to the MicroStrategy attacker and two transfers being automatically rerouted to a second wallet associated with the notorious hacking group PinkDrainer.
Related:
ZachXBT recovers the majority of $177K stolen NFT proceeds after a nine-month investigation
In the transaction, the victim sent a total of $134,000 worth of Wrapped Balance AI (wBAI), $122,000 worth of Chintai (CHEX), and $45,000 worth of Wrapped Pocket Network (wPOKT) to the attacker’s wallet address.
At the time of writing, the MicroStrategy attacker’s wallet address holds a total of $329,000 worth of Ethereum-based tokens, according to Ethereum DeBank.


The MicroStrategy attacker’s wallet contains $329,000 in stolen funds. Source: DeBank
Experts in the crypto industry were quick to point out the obvious nature of the scam. Cobie, a pseudonymous British crypto investor, noted that it was highly unlikely for MicroStrategy, a company solely focused on Bitcoin (BTC), to launch a token on Ethereum.
Magazine:
NFT Collector: DCinvestor: Is this the best NFT collection in the world?
Update (Feb. 26, 2:43 am UTC): This article has been updated to provide additional details about the MicroStrategy attacker.