Follower of Crypto Influencer ZachXBT Scammed by Impersonated a16z Member
In a recent and highly sophisticated scam, a follower of the renowned crypto influencer ZachXBT was targeted by a fraudulent account posing as a member of the prestigious venture capital firm a16z (Andreessen Horowitz). The victim, unfortunately, lost a staggering $ 245,000 in this fraudulent act.
The scam involved social engineering techniques, in which the attacker leveraged outdated information on the a16z website to impersonate a team member and trick the victim into downloading malware. This incident also sheds light on a new type of scam employed by threat actors, which, although known as a common scam, took a different approach.
ZachXBT Follower Lost $245K In Crypto to Impersonated a16z Member
1/ Here is an overview of one of the better executed scams I have seen in recent times so I figured I would share with the community as a cautionary tale.
A few weeks ago I received a DM from a follower who lost $245K after accidentally downloading malware onto their computer. pic.twitter.com/gVQEO52XOU
— ZachXBT (@zachxbt) June 12, 2024
Crypto influencer ZachXBT recently exposed a meticulously executed scam that resulted in a follower losing $245,000. The scam began with a direct message from an account impersonating Peter Lauten of a16z, aiming to discuss a potential podcast partnership.
“A few weeks ago I received a DM from a follower who lost $245K after accidentally downloading malware onto their computer,” said ZachXBT.
The attacker exploited the fact that the real Peter Lauten had changed his X (formerly Twitter) username from ‘peter_lauten’ to ‘Lauten.’ The old username was still linked on the a16z website and tagged in posts by the a16z X account.
6/ Shortly after downloading, the victim’s crypto assets were transferred out from their wallets.
Funds were then transferred through multiple intermediary addresses and deposited to exchanges.
Theft address
0x77aFC774c38D6A712e1A1F5Ea7c88Fe14BFA10F6 pic.twitter.com/m2e2XH5ats— ZachXBT (@zachxbt) June 12, 2024
The victim, unaware of the changes in the real Peter Lauten’s username, was manipulated by the impersonator into downloading a fake meeting app called ‘Vortax,’ which was malware.
Shortly after the malware was installed, the victim’s crypto assets were siphoned from their wallets, routed through multiple intermediary addresses, and deposited to exchanges. The theft address used in the scam was 0x77aFC774c38D6A712e1A1F5Ea7c88Fe14BFA10F6.
ZachXBT shared the details of this scam to alert the community and prevent others from falling victim to similar attacks. He emphasized the sophistication of the scam, noting that it was one of the better-executed ones he had seen recently. Notably, after the theft the a16z team quickly fixed the links to point to the correct account.
The Rising Alarm Of Crypto Scam
The U.S. Federal Trade Commission (FTC) recently warned about the rise in “pig butchering” scams, a romance scam involving cryptocurrency investments.
This scam originates from Southeast Asia. It involves scammers building long-term relationships with victims through dating and social media sites, earning their trust, and convincing them to invest in fraudulent cryptocurrency schemes. Once the victim is “fattened up” with trust, scammers steal their money or cryptocurrency. These scams have led to significant financial losses for victims, often amounting to tens or even millions of dollars.
The FTC highlights that scammers often request payments via gift cards, payment apps like Apple Pay and CashApp, money-wiring companies, or cryptocurrencies, a key indicator of fraudulent activity.
The Canadian Anti-Fraud Centre (CAFC) also reported a surge in such scams targeting Canadian citizens, with recent high-profile cases like Shreya Datta’s $450,000 loss emphasizing the severity of the issue.
According to TRM Labs, the FBI’s Internet Crime Complaint Center (IC3) received over 4,300 complaints about pig butchering scams, with total losses exceeding $400 million. Raising awareness about these scams is crucial to preventing further victimization.
Similarly, Ripple’s CTO David Schwartz warned about a new phishing scam targeting the XRP community. Schwartz alerted users on X (formerly Twitter) to be cautious of messages claiming their accounts are under investigation for copyright violations.
These messages, which include a link to a phishing site, aim to steal login and personal information. Schwartz emphasized that any such messages are fraudulent and should be ignored to prevent falling victim to the scam.
This warning follows previous incidents in which Ripple CEO Brad Garlinghouse was impersonated in deep fake videos promoting fake investment schemes.
