Crypto fraudsters seized control of OpenAI’s press account to share phishing links aimed at OpenAI users.
Although the posts have since been removed, crypto scammers successfully took over OpenAI’s official press account on X on September 23, promoting a suspected phishing link. The ChatGPT developer has not yet responded to the incident.
The perpetrators of the hack promoted a token named “OPENAI,” asserting that it would connect blockchain technology with AI.
The fraudulent posts made false claims that users could grab a share of the token’s supply, promising them access to the platform’s forthcoming beta programs while luring them to click on a phishing link that led to a flagged site.
To create a facade of credibility and deter vigilant users from alerting others about the hack, the attackers turned off comments on the malicious posts, adding the note: “Comments disabled due to malicious links. Good luck all!”
A user on X reported that the fake website was designed to closely resemble OpenAI’s branding, making it look legitimate at first glance. However, clicking the OpenAI logo prompted visitors to connect their wallets.
When users connect their wallets to such malicious platforms, they are duped into signing a fraudulent transaction. This transaction may appear legitimate but actually gives the attacker access to the user’s assets, enabling them to drain all the funds stored in the compromised wallet.
Known as ‘approval phishing,’ these schemes have resulted in over $2.7 billion in losses since 2021, according to Chainalysis.
Regrettably, similar attacks have targeted OpenAI executives multiple times.
Most recently, OpenAI researcher Jason Wei’s account was hacked to promote the same phishing scheme, with attackers previously targeting OpenAI’s Chief Scientist, Jakub Pachocki. Last year, OpenAI’s CTO Mira Murati also experienced a similar breach in June 2023.
As reported by crypto.news, the virtual reality-focused project Decentraland also fell victim to this type of attack last week, with scammers presenting a fake airdrop of its native token to mislead users into connecting their wallets and approving a malicious transaction.
While all these attacks share common traits, it remains unclear whether the same group of attackers is responsible for them.
