From: thepipeline_xyz

Case Study: Y22 Trader Compromise

A notable trader named y22, who gained significant traction for publicly sharing his successful trading journal, was targeted by a sophisticated social engineering attack [00:00:00]. The attack led to him losing virtually all his assets [00:00:31].

The incident began when an attacker posted a link to a fake Telegram group under y22’s Twitter thread [00:00:08]. Users who tried to “verify” within this Telegram group were prompted to perform additional steps [00:00:13], including an action in their desktop browser, which forced a move from phone to desktop [00:00:18]. Because that browser session was where hot wallets were accessible, this action led to the compromise [00:00:27].

Tactics Used

The perpetrator employed several advanced social engineering tactics to execute the attack:

  • Identity Mimicry: The attacker mimicked y22’s entire Twitter history, follower count, and even created a username similar to his actual Twitter handle [00:00:34].
  • Verification Badge Deception: The fake account also displayed a gold check mark, adding to its perceived legitimacy [00:00:44].
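The look-alike username tactic above lends itself to a simple defensive screening check. The block below is an added example and is not code from the video or its author: it assumes a hypothetical trusted handle `@y22_real` (the real handle is not given on the page) and a set of constructed candidate handles, and flags any candidate that collapses to the trusted handle after confusable-character normalisation or sits within a small edit distance of it.

```python
import unicodedata
from dataclasses import dataclass

# Characters commonly swapped for look-alikes in impersonation handles.
# This map is an assumption for the example, not an exhaustive confusables table.
CONFUSABLES = {
    "rn": "m", "vv": "w",
    "0": "o", "1": "l", "i": "l", "|": "l", "3": "e",
    "5": "s", "$": "s", "7": "t", "8": "b", "9": "g",
}


def normalize_handle(handle: str) -> str:
    """Lower-case, strip the leading '@', fold confusable characters and
    drop separators so visually similar handles compare equal."""
    h = unicodedata.normalize("NFKC", handle).strip().lstrip("@").lower()
    # Apply multi-character substitutions ("rn" -> "m") before single ones.
    for src, dst in sorted(CONFUSABLES.items(), key=lambda kv: -len(kv[0])):
        h = h.replace(src, dst)
    return h.replace("_", "").replace(".", "").replace("-", "")


def levenshtein(a: str, b: str) -> int:
    """Standard edit distance (insert / delete / substitute), O(len(a)*len(b))."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]


@dataclass
class Verdict:
    candidate: str
    normalized: str
    distance: int
    suspicious: bool
    reason: str


def assess_handle(candidate: str, trusted: str, max_distance: int = 1) -> Verdict:
    """Compare one candidate handle against the handle we trust."""
    raw_c = candidate.strip().lstrip("@").lower()
    raw_t = trusted.strip().lstrip("@").lower()
    c_norm, t_norm = normalize_handle(candidate), normalize_handle(trusted)
    if raw_c == raw_t:
        return Verdict(candidate, c_norm, 0, False, "exact match with trusted handle")
    if c_norm == t_norm:
        return Verdict(candidate, c_norm, 0, True,
                       "identical after confusable normalisation")
    d = levenshtein(c_norm, t_norm)
    if d <= max_distance:
        return Verdict(candidate, c_norm, d, True,
                       f"within edit distance {d} of trusted handle")
    return Verdict(candidate, c_norm, d, False, "not a close look-alike")


def screen_accounts(trusted: str, candidates: list[str]) -> list[str]:
    """Return the candidates that look like impersonations of `trusted`."""
    return [c for c in candidates if assess_handle(c, trusted).suspicious]


if __name__ == "__main__":
    TRUSTED = "@y22_real"  # hypothetical; the real handle is not on the page
    # Constructed candidates: the genuine handle, several look-alikes, one unrelated.
    CANDIDATES = ["@y22_real", "@y22_reaI", "@y22_rea1", "@y22real_",
                  "@y22_reall", "@tradejoe"]
    for cand in CANDIDATES:
        v = assess_handle(cand, TRUSTED)
        print(f"{cand:12} norm={v.normalized:10} d={v.distance} "
              f"{'SUSPICIOUS' if v.suspicious else 'ok':10} {v.reason}")
```

This is a screening heuristic, not proof of impersonation: it surfaces handles that a reader skimming a reply thread would easily confuse with the trusted one, so they can be checked against the account's creation date, history and badge type before anyone follows a link. The `i`→`l` and `1`→`l` folds deliberately over-match; tune `CONFUSABLES` and `max_distance` to the false-positive rate you can tolerate.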

Scale of Effort

Individuals engaging in such attacks are willing to go to extreme lengths to compromise targets [00:00:47]. This can include shelling out significant sums, potentially five figures, for social engineering campaigns [00:00:51]. A considerable amount of time, effort, and money can be invested to compromise a large number of at-risk individuals [00:00:58].

“Don’t assume somebody’s not willing to shell out like five figures and as somebody who’s done like I guess social engineering campaigns as a living like there’s a lot of like time and effort and money you can spend to compromise like a ton of people that are at risk” [00:00:50]