Microsoft India’s X Account Hacked, Crypto Scammers Impersonate ‘Roaring Kitty’
Tech giant Microsoft’s Indian X (Twitter) account was recently hijacked by crypto scammers, impersonating ‘Roaring Kitty,’ the name behind stock trader Keith Gill.
Per data from Bleeping Computer, the perpetrators took advantage of Gill’s recent comeback. His comeback also influenced GameStop to close at $23.14 on Friday, marking a 38.8% increase in shares for the year.
Microsoft India’s X account, which has a gold tick as an officially verified company, has been posting series of Roaring Kitty videos, linking to an unverified website that “pre-sells” fake GameStop (GME) cryptos.
Once the user connects to the phishing site, their crypto assets are exposed to the threat actors.
https://twitter.com/MicrosoftIndia/status/1797743970010968398
The Microsoft India X account, with over 211K followers, now deleted its profile picture as well as the account’s header. The Microsoft account’s last fraudulent post hasn’t been removed and it is unclear if the account is still in the hands of bad actors.
A Possible SIM-Swapping Attack?
The incident could be a result of the SIM-swapping attack, where scammers generally target weakness in two-factor authentication.
In January, the US regulator SEC’s X account was hacked to issue a fake announcement on of Bitcoin ETFs approvals.
Later, the X safety team attributed the breach to SIM-swapping attack linked to an official phone number of @SECGov account. The latest Microsoft account hack is similar to the previous ones and experts believe it to be a SIM-swap attack.
Similarly, crypto scammers targeted accounts for Netgear and Hyundai MEA. They pushed scams designed to infect potential victims with cryptocurrency wallet drainer malware.
Since the beginning of 2024, several X accounts of major companies and crypto influencers fell victim to scams, to lure more customers into fake promotions.
In December 2023, scammers operated through Google Ads, targeting victims with counterfeit versions of popular crypto platforms. The wallet drainer named ‘MS Drainer’ reportedly stole $59 million from 63,210 victims.
