Security News > 2023 > November > Bloomberg Crypto X account hijacked in Discord phishing attack
The official Twitter account for Bloomberg Crypto was compromised earlier today, ultimately redirecting users to a deceptive website used to steal Discord credentials in a phishing attack.
As first spotted by crypto fraud investigator ZachXBT, the hijacked profile contained a link to a fake Telegram channel with 14,000 members, further pushing visitors to join a fake Bloomberg Discord server with 33,968 members.
"Join the Bloomberg Crypto Discord Server! Check out the Bloomberg Crypto community on Discord - hang out with 33975 other members and enjoy free voice and text chat."
Upon entering the Discord server, a bot prompts visitors to use AltDentifier, an authentic Discord Verification Bot.
After clicking the link to 'verify' their account, the potential victims are prompted by the AltDentifiers phishing website to verify with Discord, aiming to steal their Discord login credentials.
The malicious link was removed from the Bloomberg Crypto X/Twitter account 30 minutes after ZachXBT's initial tweet.
News URL
Related news
- New Web3 attack exploits transaction simulations to steal crypto (source)
- Ransomware gangs pose as IT support in Microsoft Teams phishing attacks (source)
- Microsoft Teams phishing attack alerts coming to everyone next month (source)
- How to Prevent Phishing Attacks with Multi-Factor Authentication (source)
- North Korea targets crypto developers via NPM supply chain attack (source)
- Microsoft: Hackers steal emails in device code phishing attacks (source)
- Darktrace: 96% of Phishing Attacks in 2024 Exploited Trusted Domains Including SharePoint & Zoom Docs (source)
- Phishing attack hides JavaScript using invisible Unicode trick (source)
- Bybit Confirms Record-Breaking $1.46 Billion Crypto Heist in Sophisticated Cold Wallet Attack (source)