Official Netgear and Hyundai X accounts hacked to push crypto scams

(Image credit: Shutterstock / REDPIXEL.PL)

Hackers have hijacked stolen two major Twitter accounts and were using them to lure people into cryptocurrency-stealing scams.

The attackers were able to break into X (formerly known as Twitter) accounts belonging to Hyundai MEA (Middle East and Africa) and Netgear, gaining access to more than 160,000 followers. 

They renamed Hyundai’s account to Overworld, in an attempt to impersonate a  “cross-platform multiplayer RPG”, backed by the venture capital arm of the cryptocurrency exchange Binance.

Regaining access

The threat actors used the accounts to share links to malicious websites, fake giveaways that promised $100,000 to the first 1,000 users who registered on the website. Those who register are asked to connect their cryptocurrency wallets in order to receive the funds. However, after connecting, the malicious website would just drain the wallet of all cryptocurrencies and NFTs being held there. 

Netgear’s account was taken around January 6 and was used just to reply to BRCapp tweets and thus try and get people to click on the malicious link. 

At press time, both companies seem to have regained access to their accounts, as there are no traces of malicious tweets, or replies. Overworld, on the other hand, warned its followers to be careful when interacting with the game on social media: "Please exercise caution and stay clear of those impersonating our account. Only click links from the official @OverworldPlay twitter account."

Hackers are always finding new ways to abuse Twitter to steal people’s cryptos. In late December, scammers found a way to trick people into thinking they’re visiting a legitimate company account on X. This method leaned onto the way X handles links to different posts. 

All users, and especially those interested in the blockchain industry, should always be on the lookout for phishing, social engineering, and other scams.

Via BleepingComputer

More from TechRadar Pro

Sead is a seasoned freelance journalist based in Sarajevo, Bosnia and Herzegovina. He writes about IT (cloud, IoT, 5G, VPN) and cybersecurity (ransomware, data breaches, laws and regulations). In his career, spanning more than a decade, he’s written for numerous media outlets, including Al Jazeera Balkans. He’s also held several modules on content writing for Represent Communications.