Security News > 2023 > June > Hackers steal $3 million by impersonating crypto news journalists
A hacking group tracked as 'Pink Drainer' is impersonating journalists in phishing attacks to compromise Discord and Twitter accounts for cryptocurrency-stealing attacks.
According to ScamSniffer analysts, Pink Drainer successfully compromised the accounts of 1,932 victims to steal roughly $2,997,307 worth of digital assets on the Mainnet and Arbitrum.
Pink Drainer hijacks accounts through social engineering, where the threat actors spend a couple of days impersonating journalists from popular media outlets like Cointelegraph and Decrypt to conduct phony interviews with the victims.
After gaining their victim's trust, the threat actors tell the targets they must conduct a KYC validation to prove their identity, guiding them to websites used to steal Discord authentication tokens.
To extend their control of the account, the attackers set themselves as administrators and removed all other administrators to steal digital assets and sensitive information undisturbed.
In cases where the account belongs to a renowned project or person with many followers, the attackers use their access to it to promote fake giveaways, fake mints, cryptocurrency scams, and phishing pages.
News URL
Related news
- Notorious Hacker Group TeamTNT Launches New Cloud Attacks for Crypto Mining (source)
- North Korean hackers employ new tactics to compromise crypto-related businesses (source)
- North Korean Hackers Target Crypto Firms with Hidden Risk Malware on macOS (source)
- North Korean hackers use new macOS malware against crypto firms (source)