MicroStrategy’s X account hacked, shilling Ethereum token phishing scam

Attackers have taken over the official X account for MicroStrategy account, posting a series of malicious links to a fake airdrop for a nefarious $MSTR token.

Business intelligence firm MicroStrategy’s X account has been hacked, posting several malicious links to claim a fake airdrop of a nefarious $MSTR token to its nearly 200,000 followers.

Once a user clicks on the link they are directed to a copycat MicroStrategy webpage which directs them to connect a wallet and claim the fake $MSTR airdrop. Once users accept a series of permissions in their Web3 wallet, the attackers can automatically drain the tokens out of the user’s wallet. 

According to independent blockchain sleuth ZachXBT and anti-scam platform Scam Sniffer, losses incurred from the scam have already tallied over $440,000.

0xe7645b8672b28a17dd0d650a5bf89539c9aa28da

~$440K stolen from the compromise so far

— ZachXBT (@zachxbt) February 26, 2024

Scam Sniffer, an unknown user lost approximately $440,000 to a phishing scam approximately 1 hour ago.  

someone lost $424,786 worth of $wBAI, $wPOKT, and $CHEX to phishing scams about 5 minutes ago. pic.twitter.com/GEJvHEXuM7

— Scam Sniffer | Web3 Anti-Scam (@realScamSniffer) February 26, 2024

The time of the attack and the holdings of the attacker’s wallet address match up, suggesting the unknown user fell victim to the MicroStrategy drainer. 

This is a developing story, and further information will be added as it becomes available.