OpenAI’s press account hacked to promote phishing scam with OPENAI token
Crypto scammers took over OpenAI’s press account to submit phishing hyperlinks that focused OpenAI customers.
Whereas the posts have now been deleted, crypto scammers managed to hijack OpenAI’s official press account on X on Sept. 23 to advertise a suspected phishing hyperlink. The ChatGPT developer has but to acknowledge the breach.
These behind the hack promoted a token known as “OPENAI,” claiming it could bridge the hole between blockchain and AI.
The posts falsely promised that customers may declare a portion of the token’s provide, permitting them entry to the platform’s future beta packages and attractive them to click on a phishing hyperlink that led to a flagged web site.
To lend an air of legitimacy and forestall eagle-eyed customers from warning others concerning the hack, the attackers disabled feedback on the malicious posts, including the message: “Feedback turned off on account of malicious hyperlinks. Good luck all!”
One person on X claimed the pretend web site was designed to imitate the OpenAI branding and appeared professional at first look. Nonetheless, when clicking the OpenAI brand, a immediate would ask guests to attach their wallets.
When customers join their wallets to a malicious platform like this, they’re tricked into signing a fraudulent transaction. This transaction typically seems professional however truly grants the attacker control over the user’s assets, enabling them to empty all funds saved within the compromised pockets.
Referred to as ‘approval phishing,’ these assaults have led to over $2.7 billion in losses since 2021, in accordance with Chainalysis.
Sadly, comparable assaults have focused OpenAI execs on a number of events.
Most just lately, OpenAI researcher Jason Wei’s account was hacked to advertise the identical phishing scheme, with the attackers beforehand targeting OpenAI’s Chief Scientist, Jakub Pachocki. Final 12 months, OpenAI CTO Mira Murati additionally confronted the same breach in June 2023.
As reported by crypto.information, digital reality-focused undertaking Decentraland additionally suffered the identical destiny final week, with scammers selling a pretend airdrop of its native token to mislead customers into connecting their wallets and approving a malicious transaction.
Whereas all of the aforementioned assaults share similarities, it’s unknown if the identical group of attackers is behind them.