- MicroStrategy X’s official account was breached, leading to the posting of links to a fraudulent airdrop.
- A fictitious MicroStrategy homepage prompted users to connect a wallet and claim a phony MSTR airdrop, leaving them vulnerable to attackers who can siphon tokens if permissions are granted.
The official MicroStrategy X account was hacked, and hackers posted a series of malicious links to a phony airdrop.
MicroStrategy account breach: Phony airdrop
The X account of business intelligence company MicroStrategy has been compromised, and fraudulent links to a fictitious airdrop of an alleged “official” Ethereum-based MSTR token have been posted.
When a user clicks the link, a phony MicroStrategy homepage appears, instructing them to connect a wallet and claim the MSTR airdrop. Users acknowledge that attackers can automatically remove tokens from their Web3 wallets if they approve a number of permissions.
Also read: $112.5 million Ripple (XRP) hack may have involved an insider
Losses exceed $440,000
Independent blockchain investigator ZachXBT claims that the scam has already cost victims over $440,000 in damages.
According to Ethereum DeBank, the wallet address of the MicroStrategy attacker now has $329,000 worth of Ethereum-based tokens.