From: thepipeline_xyz
Case Study: Trader Y22
A notable trader known as y22, who gained traction by posting a successful trading journal, was compromised through a sophisticated social engineering scheme [00:00:00].
The Compromise Method
The attack began when someone posted a link to a Telegram group under y22’s Twitter thread [00:00:08]. Upon joining the Telegram group, users were prompted to verify their identity [00:00:13]. The verification involved additional steps that required users to perform an action in their desktop browser, moving them from phone to desktop [00:00:16]. Because the victim’s hot wallet was located in that desktop browser, performing the action there led to the compromise of the wallet and the loss of nearly all assets [00:00:27].
Attacker Tactics
The individual who posted the malicious message employed several deceptive tactics [00:00:32]:
- They mimicked y22’s entire Twitter history and follower count [00:00:34].
- Their username was made similar to y22’s actual Twitter handle [00:00:40].
- They also displayed a gold check mark on their profile [00:00:44].
Broader Implications
Attackers are willing to go to extreme lengths and invest significant resources to compromise individuals [00:00:47]. It should not be assumed that a perpetrator would hesitate to spend five figures on such a campaign [00:00:50]. Substantial time, effort, and money can be expended in social engineering campaigns to compromise a large number of at-risk individuals [00:00:58].