Giving Elon Musk a follow on Twitter? You might be shortlisted by scammers looking to defraud Elon’s newest followers.
New Musk followers are being added to a “Deal of the Year” list on Twitter that lures them into depositing small crypto amounts into the attackers’ wallet with the false promise of receiving up to 5000 Bitcoin in return.
Fake Elon: ‘1000 new followers’ get ‘5000 BTC’
Twitter accounts following Elon Musk, Tesla, SpaceX and related accounts are being targeted in a crypto giveaway scam dubbed ‘Freedom Giveaway,’ BleepingComputer has discovered.
I gave @elonmusk a follow today to keep up to date with Twitter news. Within a few hours of doing so, I received this mysterious notification:
A pseudonymous account with Twitter logo set as its profile pic had added me to a Twitter list called ‘Deal of the Year.’
For most Twitter accounts, including Musk’s, the list of their followers is public and can be monitored by anyone including bots and threat actors for nefarious purposes.
On mobile, this is how the ‘Deal of the Year’ list looks like:
As of today, the list has 155 members added by its admin (the threat actor), and these accounts when reviewed by BleepingComputer were seen following Elon Musk, Tesla, SpaceX and related organizations on Twitter.
Notice the header image at the top.
The banner appears to be an actual tweet from Elon Musk’s official account promising free crypto to “1000 new followers” chosen randomly.
That is until you notice the real user name behind the scam account i.e., ‘@CroweYoshiko’ placed right beneath the list name, ‘Deal of the Year’ with its profile pic (Twitter logo) lending some credibility to it.
The advertised URL, freedomgiveaway.net is also convincing, given Mr. Musk is a self-described free speech absolutist, frequently tweets about ‘freedom’ of speech [1, 2], and has taken controversial steps to steer Twitter in that direction.
Bogus quiz asks you for BTC address
On the freedomgiveaway.net website, users are greeted with a prompt to confirm that they “are over the age of 18 years,” and further presented with bogus quiz questions on Tesla, StarLink, and Musk. The answers to these are largely public knowledge.
On answering the 3-4 questions, correctly or not, users are presented with a screen instructing them to key in their Bitcoin wallet address. Regardless of whether you select Ethereum, Bitcoin, Binance Coin, or “I don’t use cryptocurrency,” the website will still prompt you for a BTC address.
The website promises that your wallet will be credited with 5000 BTC, but first you must deposit a small amount—from 0.02 BTC to 1 BTC.
The false pretense is, the amount sent by the unsuspecting victim will be “multiplied” by 5-10 times with the large sum being credited back to the victim’s wallet.
The attacker’s advertised Bitcoin address is:
As with any crypto giveaway scam, the victim ends up sending the funds to the attacker’s wallet but never receives any amount back.
A September report by cybersecurity firm Group-IB revealed the number of crypto giveaway scam domains had tripled this year.
In May, investigation by McAfee and BleepingComputer found fake crypto giveaways had stolen millions from victims by reusing Elon Musk’s Ark Invest YouTube videos to lure victims towards fake, scam domains.
At the time of writing, the wallet used by the ‘Freedom Giveaway’ scam shows a $0.00 balance indicating no one has fallen for the scam yet. But the scam might be too new, and given some of its convincing elements, BleepingComputer feels warning about the scam is in public interest.
Twitter accounts following famous personalities should be wary of suspicious messages and notifications heading their way.