IMPORTANT POINTS:
- Hackers compromised the official MicroStrategy
- One user lost more than $420,000 in the scam, and attackers associated with the PinkDrainer group redirected the funds.
- Crypto industry experts criticize the gullibility of the victims, given MicroStrategy’s well-known focus on Bitcoin over Ethereum.
Hackers compromised the official MicroStrategy X account to promote a fake airdrop of an Ethereum-based MSTR token.
Business intelligence firm MicroStrategy had its X account compromised, spreading malicious links to a fake airdrop of a supposedly “official” Ethereum-based MSTR token.
First, upon clicking the link, the user is directed to a MicroStrategy copycat page that asks them to connect a wallet and claim the fake MSTR airdrop. Next, after accepting a series of permissions on your Web3 wallet, it is understood that attackers can automatically drain tokens from the user’s wallet.
Impact of the hack on users and the community
On the other hand, according to independent blockchain researcher ZachXBT and anti-scam platform Scam Sniffer, losses incurred from the scam have already exceeded $440,000.
there was a second best after all
— Spreek (@spreekaway) February 26, 2024
(hacked acc if not obvious lol) pic.twitter.com/cdLqbqiiCO
Additionally, Scam Sniffer reported that a single user lost over $420,000 in the phishing scam at approximately 12:43 am UTC, just a few minutes after the first malicious link was posted to the MicroStrategy account on X.
someone lost $424,786 worth of $wBAI, $wPOKT, and $CHEX to phishing scams about 5 minutes ago. pic.twitter.com/GEJvHEXuM7
— Scam Sniffer | Web3 Anti-Scam (@realScamSniffer) February 26, 2024
The unknown user lost a total of $424,786 in altcoins, sending one transfer to the MicroStrategy attacker and automatically redirecting two more to a second wallet linked to the notorious PinkDrainer hacking group.
On the other hand, the affected user signed a transaction that resulted in a total of $134,000 in Wrapped Balance AI (wBAI), $122,000 in Chintai (CHEX), and $45,000 in Wrapped Pocket Network (wPOKT) sent to the wallet address of the attacker.
Reactions and warnings from the Crypto community
Initially, and according to Ethereum DeBank, the MicroStrategy attacker’s wallet address accumulates a total of $329,000 in Ethereum-based tokens.
Crypto industry experts were quick to point out the somewhat obvious nature of the scam, with pseudonymous British crypto investor Cobie highlighting that MicroStrategy, a firm focused exclusively on Bitcoin (BTC), would likely not launch a token on Ethereum.
“Obviously trying not to blame the victim here, but you have to be very special to think that MicroStrategy is launching an ETH token after Saylor has spent several years very famously saying ‘there is no second best’ and ‘you only use a chair’ , etc.”.