Abusing Azuki Twitter
Early on the 28th (Japan time), it was revealed that the official Twitter account of Ethereum’s popular NFT (non-fungible token) collection Azuki was hijacked and announced a fake NFT issuance event.
The unfair tweet masked Azuki’s Metaverse city Hilumia’s “LAND (virtual land) NFT” issuance event as a surprise project. It connected to a malicious smart contract installed on a website and deprived the signed user of crypto assets (virtual currency).
The tweet was deleted within about an hour, but according to Etherscan, at least one user was robbed of $750,000 worth of stablecoin USDCoin (USDC). Some also reported that 11 NFTs and 3.9 ETH were stolen.
Azuki’s community manager, Emily Rose, acknowledged that her Twitter account had been hijacked and told the community not to visit the website where the offending tweet was posted.
AZUKI OFFICIAL TWITTER ACCOUNT IS HACKED.
DO NOT CLICK LINKS FROM OUR ACCOUNT.
— Rose | 🌹🐰| ⛩🅱️NGL (@emilyrosemcg) January 27, 2023
In addition, the Azuki team is in contact with Twitter to confirm the status of account control.
⚠️ Azuki twitter account takeover – offending tweet was tweeted on the twitter web app on a mobile device
MetaMask will soon block the domain when cache clears https://t.co/Cqc4gUbY7e pic.twitter.com/yQaTcY3LN5
— harry.eth 🦊💙 (whg.eth) (@sniko_) January 27, 2023
The Web3 community is also working to address this scam. The contract address used for the scam is flagged as “Fake_Phishing8231”. Security researcher Harry Denley of cryptocurrency wallet MetaMask has announced that it will block domains involved in the Azuki hack.
Azuki’s Twitter has been compromised.
Do not visit any links posted from their account. We’ve already blocked several sites to keep our users protected.
Stay safe out there! pic.twitter.com/ma9j0ZRrPr
— Phantom (@phantom) January 27, 2023
Solana (SOL) wallet Phantom also recorded the same domain and took action to display a warning message to users trying to connect to the site.
According to NFT electronics market giant OpenSea, Azuki’s floor price (minimum purchase price) was 14.75 ETH (about 3 million yen) at the time of writing, up 9.5% from the previous day.
Case of SNS hijacking fraud
Fraud techniques that take over SNS accounts have been confirmed for some time, but there is still no end to it. In April 2010, Azuki was also targeted by scammers, and a large number of Twitter authentication accounts using Azuki’s profile image occurred, and airdrop fraud was carried out. He stole NFTs from wallets that accessed the site.
On the 25th of this month, the Twitter account of Robinhood, a major US provider of investment apps for cryptocurrencies and stocks, was hacked and hijacked. It advertised a fake token launch called “RBH” and tricked people into clicking on the link in the tweet and directing them to the decentralized exchange (DEX) “PancakeSwap” to buy at $0.0005 per RBH.
RBH tokens were designed not to be sold or transferred after purchase. The amount of damage is reported to be less than $1,000 (approximately 120,000 yen), but there is also data that the hackers illegally obtained 26.95 BNB (equivalent to 1.06 million yen).
Relation:Robinhood’s official SNS was hijacked and used by hackers for cryptocurrency fraud
Scam tokens that cannot be sold or remitted are called “Honey Pots” and have been increasing rapidly in recent years. In 2022 alone, 98,442 contracts were detected. According to blockchain monitoring platform Solidus Labs, the price of non-sellable constrained tokens continues to rise, which tends to trick greedy users into buying them.
Relation:“Rag pull (exit fraud)” of rapidly increasing virtual currency projects, what is the trick?
It has become clear that a “remote tool” aimed at hijacking the personal computer used by the user was set up on a fake project site disguised as a Pokemon NFT card game.
Relation:Remote software spread on fake Pokemon NFT site, case of virtual currency fraud discovered