Security News > 2023 > November > Fraud researchers impersonated on X to push crypto-stealing sites
The scammers impersonate accounts on X belonging to blockchain analytics or crypto fraud investigation firms and researchers, like CertiK, ZachXBT, and Scam Sniffer, to promote fabricated security breaches on Uniswap and Opensea.
To impersonate the legitimate accounts, the threat actors created new X accounts with similar account names.
Many legitimate X users fell for the trick and shared the scam on their accounts, some with hundreds of thousands of followers without double-checking the validity of the claims.
The scale of the campaign is also notable, with bot accounts promoting hashtags like #UniswapExploit to the point of them reaching top trending topics in the U.S. on X. ZachXBT, one of the accounts impersonated in this scam, told BleepingComputer that the first time he saw this threat group utilizing this tactic was on November 9th. This was when Hayden Adams - the developer of Uniswap's web application interface, warned the cryptocurrency community of the scam, clarifying that there was no Uniswap exploit leveraged in the wild and that tweets about this came from fake X accounts impersonating ZachXBT, Certik, and other well-known users in the cryptocurrency community.
The scammers impersonate accounts on X belonging to blockchain analytics and investigation firms or users, like CertiK, ZachXBT, and Scam Sniffer, to promote a fabricated security breach on Uniswap or Opensea.
In June 2023, hackers created fake accounts on GitHub that impersonated existing cybersecurity researchers, even linking to fake X accounts for added legitimacy.