Scammers compromise verified, 5-million-follower Twitter account for Venezuelan newspaper El Universal, use it to promote fake Goblintown site

Image: Verified Twitter account showing the display name "goblintown.wtf", but a username of ElUniversal. Caption: Compromised Twitter account.
Scammers successfully compromised the Twitter account for El Universal, a Venezuelan newspaper. The account is verified, and has five million followers. The scammers used the account to promote "goblintowm" (note the m on the end), a fake website pretending to be the recently-popular Goblintown project. Users who connected their wallets to try to mint the free NFTs instead saw their wallets drained of their cryptocurrency and NFTs.

One of the wallets used by the scammers had stolen 64 NFTs, though most of them were low in value. The address had also pulled in 16.5 ETH (~$30,000). However, most scammers rotate wallets, and this likely doesn't reflect the total damage from the scam.

Beeple's Twitter account is hacked and used to promote fake NFT mints

Image: Tweet by beeple: "Been working on this with LV for a long time behind the scenes. 1000 total unique pieces. BEEPLE x VUITTON COLLECTION_1: BEEPLES Official Raffle Below. 1 ETH = 1 Raffle Entry. All non-winning entries are refunded post-raffle. Good luck :)" Caption: Tweet from Beeple's compromised account.
Attackers gained control of the Twitter account belonging to Beeple, an artist known for "selling" an NFT for $69 million in March 2021 and for his recent horror-inducing NFT collab with Madonna. They used the account to share two scam mint links — first to a supposed NFT collaboration with Louis Vuitton, then to "extra" artwork Beeple supposedly created but never minted as NFTs. The scam drew in around $272,000 in ETH and stole 45 NFTs worth approximately $166,000 before Beeple regained control of his Twitter account about five hours later.

Various commenters replied to Beeple's tweet to say they'd been scammed, and to ask if he could help them recover their funds or NFTs. Some blamed him and his poor security practices for their losses, asking if he would repay those who were scammed. He has not suggested he intends to do so.

Top Super Smash Bros. Ultimate player has his Twitter account hacked to shill NFTs

Image: A pink robot with green drool and rolled-back eyes, with a head floating above the body. Caption: The profile picture of the hacked account.
MkLeo, who is widely considered to be the best Smash Ultimate player in the world, had his 217,000-follower Twitter account hacked and repurposed for NFT shilling. The scammers changed his profile picture to a pink robot creature with green drool, and began posting tweets talking about his supposed collaboration with The Possessed NFT project. The link in the tweets went to a scam website that claimed to allow people to mint NFTs from the actual Possessed NFT project. It's not yet clear how many people fell for the malicious link, but MkLeo's Twitter account appeared to be back under his control later that evening.

Hacked verified Twitter accounts impersonate BAYC founders, scam $1 million with fake ApeCoin airdrop

Image: A light purple-furred ape with boils, wearing a pirate hat, with green face with mushrooms growing on it, and open mouth. Caption: Mutant Ape #22660.
Some scammers obtained hacked verified Twitter accounts, then rebranded them to claim to be founders of the Bored Ape Yacht Club. They then tweeted about how their team's ApeCoin launch had been so successful, they'd decided to airdrop more tokens. Users who clicked the link and connected their wallets quickly discovered they'd been scammed when their high-value NFTs were transferred from their accounts, then flipped for resale. One victim of the scam said they'd lost $600,000, and tweeted: "@BhawanaCAN put out a tweet refering for more $ape available- I trusted the blue checkmark @twitter @jack now the ape and my gutter cat is gone - fuck you @BhawanaCAN". @BhawanaCAN, prior to the hack, was an account belonging to the former CEO of the Cricket Association of Nepal.

There were multiple scammer accounts involved in the scheme, and one researcher has estimated that the scammers had made around $1 million from reselling the NFTs as of March 24. A similar hack had occurred several days earlier, in which a hacked verified account impersonated a BAYC founder and successfully stole three pricey Bored Apes from a collector.

Phishing scheme promising to animate one's apes nets attacker a collector's three pricey Bored Apes

Image: A Bored Ape with leopard print fur, wearing a black bowler hat and American flag shirt with a deep V-neck, with half-closed red eyes, on an orange background. Caption: BAYC #71.
An NFT collector fell for a scam website promising to "turn your BAYC animated". After the collector connected their wallet, the attacker transferred the collector's three pricey Bored Ape NFTs to the attacker's own wallet, then quickly flipped them for resale for a combined total of around 264 ETH ($764,000). Zachxbt, a crypto fraud sleuth who first noticed the scam, estimated the NFTs' actual value at closer to $900,000.

It appeared from the victim's retweets that they had fallen for a scam shared by a verified Twitter account that claimed to be one of the Bored Apes founders. However, a closer look at the Twitter handle showed it was a hacked account with the username "volt_france", which previously had belonged to the French branch of the Volt Europa political movement.

NFT scammers take over the Twitter account of a Florida gubernatorial candidate

Image: Twitter profile of Nikki Fried, showing banner and profile pictures for "Skulltoons", and the name "nikki.eth". Caption: Nikki Fried's compromised Twitter profile.
The Twitter account belonging to Nikki Fried, the current Florida Agriculture Commissioner and a Democratic candidate for the 2022 Florida gubernatorial race, was compromised and repurposed as an NFT shill account. The account, which was verified and had more than 270,000 followers, suddenly underwent what I imagine was a bit of a startling rebrand for her followers: her name was changed to "nikki.eth", and the Twitter bio was replaced with "Mod for SkulltoonsNFT, ThugBirdz, AzukiZen. Web3 Enthusiast". The account also changed its banner and profile pictures to Skulltoons images, and started tweeting about giveaways. By March 20, Fried had apparently regained control of the account, though the account privacy had been changed to protected.

The Fried account compromise is only one instance of what has become a trend on Twitter: Twitter accounts belonging to high-profile individuals, or accounts that are verified or have a large number of followers, being compromised and sold to NFT scammers. On March 11, ESPN baseball reporter Jeff Passan also had his Twitter account compromised and repurposed to shill Skulltoons NFTs. Skulltoons distanced themselves from that incident, writing that they believed the hackers were trying to scam their NFT community.

ESPN baseball reporter Jeff Passan has his Twitter account hacked and used to shill NFTs on "the biggest news day of [his] life"

Image: Twitter profile of Jeff Passan, showing banner and profile pictures for "Skulltoons", and the name "Jeff.eth (Jeff Passan)". Caption: Jeff Passan's compromised Twitter profile.
ESPN MLB reporter Jeff Passan was having a great day, as he had been the one to break the news of an agreement between the MLB and the MLB Players Association, who had been deadlocked on labor negotiations. Unfortunately, this was soured a bit by his 800,000-follower, verified Twitter account being compromised and repurposed to shill "Skulltoons" NFTs.

Passan regained control of his Twitter account several hours later. Passan later wrote in a tweet, "hey remember that time i got hacked on the biggest news day of my life". The Skulltoons project distanced themselves from the incident, writing that they believed the hackers were trying to scam the Skulltoons community.
