Hackers are increasingly targeting verified accounts on X (formerly Twitter) that belong to government and business profiles and carry ‘gold’ and ‘gray’ checkmarks, using them to promote cryptocurrency scams, phishing sites, and sites with crypto drainers.
A recent high-profile case is the X account of cyber threat intelligence company Mandiant, a Google subsidiary, which was hijacked yesterday to distribute a fake airdrop that emptied cryptocurrency wallets.
MalwareHunterTeam has been tracking this type of activity on X these days and reported several notable examples of compromised “gold” and “gray” accounts.
In just the past couple of days, MHT has posted about the accounts of Canadian senator Amina Gerba, nonprofit consortium ‘The Green Grid,’ and Brazilian politician Ubiratan Sanderson falling into the hands of hackers.
Yesterday, cybersecurity company Mandiant’s X account was hacked to promote a website with a crypto drainer. The company says that two-factor authentication was enabled on the account, making the hijacking even more puzzling.
A gold checkmark attached to an account on X indicates an official organization or company, while the gray badge marks profiles representing a government organization or an official.
Both types of accounts need to meet specific eligibility requirements. By contrast, the blue checks are given to any user paying for an X Premium subscription.
Because of the strict eligibility criteria, gold and gray “ID indicators” inspire trust, and the content they distribute is usually considered more reliable.
While the promoted idea behind X’s verification and paid subscription system is to increase “by a number of orders of magnitude” the cost and difficulty of impersonation and scams, gold and gray badge accounts have become targets for hackers and a commodity for cybercriminals.
A recent report from CloudSEK, a digital risk monitoring platform, highlights the emergence of a new black market where hackers sell compromised gold and gray X accounts for prices between $1,200 and $2,000.
Some sellers also offer the option to add scam accounts as affiliates to the verified gold accounts for $500, lending them credibility without having to go through the more rigorous verification process from the social media platform.
Claims from threat actors on dark web markets and on Telegram suggest that the cybercriminals also work with compromised dormant corporate accounts that can be converted into “gold” profiles by the buyer.
In other cases, the hackers who compromise these accounts lock out their original owners, subscribe to gold for 30 days, and pass the accounts to the new owners.
CloudSEK says it observed six sales of such accounts in a month. One of them, dormant since 2016 and with 28,000 followers, was advertised for $2,500.
Researchers recommend that companies close dormant accounts if they have been inactive for a longer period. Reviewing the security settings and activating the two-factor authentication option is also recommended.
It is also worth checking what apps are connected to the account as well as the log of active sessions on other devices.