Security News > 2023 > November > Bloomberg Crypto X account snafu leads to Discord phishing attack
The official Twitter account for Bloomberg Crypto was used earlier today to redirect users to a deceptive website that stole Discord credentials in a phishing attack.
As first spotted by crypto fraud investigator ZachXBT, the profile contained a link to a Telegram channel with 14,000 members, further pushing visitors to join a fake Bloomberg Discord server with 33,968 members.
"Join the Bloomberg Crypto Discord Server! Check out the Bloomberg Crypto community on Discord - hang out with 33975 other members and enjoy free voice and text chat."
After clicking the link to 'verify' their account, the potential victims are prompted by the AltDentifiers phishing website to verify with Discord, aiming to steal their Discord login credentials.
The malicious link was removed from the Bloomberg Crypto X/Twitter account 30 minutes after ZachXBT's initial tweet.
Update: Revised the article to reflect that Bloomberg's Crypto account led to an old abandoned Telegram channel, hijacked as part of a phishing scheme.
News URL
Related news
- Free Sniper Dz Phishing Tools Fuel 140,000+ Cyber Attacks Targeting User Credentials (source)
- DOJ, Microsoft seize 107 domains used in Russia's Star Blizzard phishing attacks (source)
- GitHub, Telegram Bots, and ASCII QR Codes Abused in New Wave of Phishing Attacks (source)
- Crypto-apocalypse soon? Chinese researchers find a potential quantum attack on classical encryption (source)
- Astaroth Banking Malware Resurfaces in Brazil via Spear-Phishing Attack (source)
- Cybercriminals Exploiting Docker API Servers for SRBMiner Crypto Mining Attacks (source)
- Notorious Hacker Group TeamTNT Launches New Cloud Attacks for Crypto Mining (source)
- LottieFiles hit in npm supply chain attack targeting users' crypto (source)
- LottieFiles hacked in supply chain attack to steal users’ crypto (source)
- LottieFiles supply chain attack exposes users to malicious crypto wallet drainer (source)