Cryptocurrency scams can often seem opaque from the outside — exploits that rely on odd gaps in the underlying code that governs contracts between users, or back doors in online exchanges that no one is aware of until someone makes away with millions in digital currency. But a hoax discovered by Bleeping Computer is so dead simple, you kinda have to admire whomever decided to go for it: They just created fake celebrity Twitter profiles, then promised to send people a lot of money if they would just send them a little bit to start things off.
Here, for example, is one of the Twitter accounts in action, @elonnmuusk, tweeting at Donald Trump last night after Trump congratulated SpaceX for the launch of the Falcon Heavy.
Or, here’s Microsoft founder @Billgavtes:
And famed value investor @WarrenBuffert:
Bleeping Computer found at least 12 accounts impersonating nine different celebrities and institutions, including an ersatz John McAfee, ethereum co-founder Vitalik Buterin, and cryptocurrency exchange Coinbase. All offered up the same basic deal: They wanted to give away some ethereum, and all you had to do to get it was send them a little bit first.
Bleeping Computer discovered that the scam has been going on for nearly two weeks, but without much success. But tracking the multiple wallets associated with the scam, they discovered that there was a sudden burst of activity last night — likely thanks to three fake Elon Musk accounts (the other two identified were @eonmusk and @eIonmsuk) and the increased attention around the Falcon Heavy launch. In total, the wallets took on about 7.69 ethereum — though Bleeping Computer makes it clear that they are likely missing some transactions, so the actual amount missing may be higher — worth about $6,500 at current trading prices.
In the realm of cryptocurrency heists, this is relatively small potatoes — after all, we’ve already seen Japanese exchange Coincheck say that hackers made off with $530 million in digital currency earlier this year, the largest theft ever in the relatively short life of cryptocurrency. On the other hand, making $6,500 for setting up some creatively misspelled celebrity accounts and spamming Twitter is a bit easier than hacking your way into an online exchange.