Senator Cynthia Lummis (R-WY) has given a specific date for when her long-awaited crypto regulator bill will be unveiled. The legislation will help to sort cryptocurrencies under appropriate regulatory labels and federal jurisdictions. According to a tweet from the senator on Friday, the final version of her bill will be released on Tuesday, June 7th. Lummis has spent months working on the bill alongside Senator Kirsten Gillibrand (D-NY), announcing it as early December 2021. The bill will reportedly provide sweeping…
Scammers posing as Azuki creators are taking over verified Twitter handles to promote a fake NFT airdrop. Twitter accounts affected include those belonging to several journalists and media professionals.
After hijacking an account, the scammer edits the profile text and images, disguising the handle as one belonging to a co-creator of Azuki. Afterward, the scammer proceeds to make a tweet promising a “secret airdrop” of Beanz, a collection of 20,000 NFTs that airdropped for free to Azuki holders on March 31st. A link is then provided in the tweet for a collector to “claim a bean”. Lastly, the scammer creates a thread tagging different accounts to the tweet.
Unsuspecting collectors who clicked the link and connected their Ethereum wallets had their NFTs stolen, without receiving any airdrop.
How Verified Twitter Accounts Got Compromised
Scammers used a phishing link to gain access to these verified accounts. One journalist revealed that they received a phishing email from an email address pretending to be Twitter Support. The address, [email protected], “notified” the journalist of a login attempt into their Twitter account.
I woke up to this email and in a half-awake daze actually fell for it,” the journalist tweeted, recounting the ordeal.
Another journalist revealed that the scammers had used their compromised account to send and tag potential victims to over 6,000 tweets.
Is the Verification Badge Fast-Becoming a Tool For Crypto Scams?
The Azuki NFT heist is not the first time cybercriminals are using verified Twitter handles to perpetrate scams. A similar event happened recently with an ApeCoin-themed fraud.
In March, scammers hijacked several verified Twitter handles and claimed to be founders of Yuga Labs, the team behind the Bored Ape Yacht Club NFT project. The scammers then went ahead to promise an airdrop of ApeCoin tokens to users. But just like with the Azuki scam, ApeCoin creators had already airdropped tokens for free to Bored Ape holders.
Rip another Ape owner phished who has lost $500k worth of NFTs (BAYC, MAYC, & more)
Stop connecting your wallet & approving transactions on sketchy sites
— zachxbt (@zachxbt) March 25, 2022
Users who interacted with the link and connected their wallets had their NFTs stolen, including Bored Ape and Mutant Ape Yacht Club collectibles. Over $1 million worth of NFTs disappeared amidst the fraudulent scheme. Oddly, some victims claimed they have not connected their wallets to the website, yet had their NFTs stolen.
Like other social media verification badges, Twitter verification is proof of authenticity and authority. Therefore, it is easy to lure unsuspecting victims into scams through verified handles. Twitter says it is aware of this disturbing development and is actively working towards a solution.
It is important to note that Twitter is not assigning verification badges to unscrupulous Twitter users. Also, the original creators of the Bored Ape project and Azuki did not perpetrate these scams. Rather, Twitter, Azuki, Bored Ape, and the several victims of these scams are all prey to a common predator: cybercriminals.