From: thepipeline_xyz
A notable incident of fraud and social engineering targeted a prominent trader known as y22, resulting in the loss of his digital assets [00:00:31].
The Incident
Y22, a trader known for sharing his trading journal who had gained significant traction in the crypto Twitter community due to his success [00:00:05], became the target of a sophisticated attack.
Attack Vector
The compromise began when an impostor posted a link to a Telegram group under y22’s Twitter thread [00:00:11]. Upon joining the Telegram group, users were prompted to undergo a verification process that involved additional steps [00:00:16]. This process then directed the user to perform an action on their desktop browser, shifting them from a mobile device to a desktop [00:00:24]. Performing this specific action on the desktop browser, where the victim’s hot wallets were accessible, led to the compromise of y22’s assets, causing him to lose almost everything [00:00:32].
Impersonation Tactics
The individual responsible for the attack employed extensive social engineering tactics to appear legitimate:
- They mimicked y22’s entire Twitter history [00:00:36].
- The impostor replicated the follower count [00:00:38].
- Their username was made similar to y22’s actual Twitter handle [00:00:42].
- They even possessed a gold check mark, adding to their perceived authenticity [00:00:44].
Lessons Learned
Attackers are willing to invest significant resources to achieve a compromise.
Individuals should not assume that attackers are unwilling to spend substantial amounts of money, such as five figures, to compromise a target [00:00:51]. Social engineering campaigns can involve considerable time, effort, and money, which puts a large number of people at risk of compromise [00:01:02].