...and is definitely not an enormous grift that's pouring lighter fluid on our already smoldering planet.
Created by Molly White. Subscribe to her newsletter for weekly recaps.
In one of the real Ansem's tweets, Ansem wrote "i dont launch coins bros" — nevertheless, followers eager to get in early on a new memecoin clicked a link offering a presale and had their wallets drained.
Altogether, people lost $2.6 million to the scam. One individual lost $1.2 million.
The largest individual loss was the phishing attack against kirilm.eth, who had over 180 million $BEAM tokens notionally worth over $5 million drained from their crypto wallet. The attacker sold the tokens for around $4.5 million.
The total amount stolen is down slightly from January, in which $55 million was taken. Altogether, scammers have stolen over $100 million via Twitter phishing alone in the first two months of 2024.
The top seven victims collectively lost $17 million, with the top victim alone losing $4.7 million.
It's unclear if the move is spurred by the massively waning interest in NFTs, or if it's part of Twitter's broad slashing of functionality in the wake of Elon Musk's disastrous takeover and cost-cutting attempts.
Those who already had the hexagonal profile pictures now seem to have had them restored to their usual circular shape, and there's no longer any mention of the feature in Twitter's support documentation, and new NFT profile photos can't be uploaded. People can, of course, still right-click and save the images and upload them that way.
According to researcher zachxbt, who himself was one of the impersonated, the scammers have stolen more than $300,000 in various assets using this technique.
This is not the first time such a technique has been used — a scammer attempted a similar, though less successful, scheme in April 2022. Scams like this take advantage of the poor UX in the crypto world for tracking and revoking wallet permissions that have been granted, requiring people to use third-party websites created for this purpose. Some of them are legitimate, but there are many malicious copies of these revocation sites that prey upon users who may be acting quickly in fear that their assets are at risk.
![Tweet by real Ansem account: i dont launch coins bros, but i can give allo to good stuff in other ways soon
Tweet by fake Ansem account closely resembling the one above it:
im about to launch my own token $BULL this weekend
link presale: [redacted link]
min 1 sol
max 3 sol
lets run it up yall](https://primary-cdn.web3isgoinggreat.com/entryImages/resized/ansem-impersonator_300.webp)
burnttoast, but the handle was actually burntteoast. LoveMake connected their primary wallet, which was immediately drained of 61.5 ETH (~$120,000) and $93,400 in the Tether stablecoin.LoveMake wrote on Twitter that "I am dyslexic and didn't notice that the Burnt Toast acc was scam. It was very similar to the original & Verified." They appeared to blame Twitter's new verification process, writing, "@Twittersupport can you explain the meaning of the word 'verified'? we're waiting for days every time we change pfp or display name and then I got scammed by verified account with exact the same name and pfp as Doodles founder in million views thread?"
Several days later, they posted a thread again criticizing the prevalence of crypto scammers on Twitter. "I put millions $ into web3 projects, with over 90k$ into Twitter ads. I was rugged many times and finally robbed but not broken. Thanks to twitter the most profitable web3 activity now is a scam. Shouldn't Twitter pay more attention to its own security?"
No JavaScript? That's cool too! Check out the Web 1.0 version of the site to see more entries.
