Threat actors are hacking verified Twitter accounts in an Elon Musk cryptocurrency giveaway scam that has recently become widely active.

There is nothing new about cryptocurrency scams on Twitter, especially ones pretending to be giveaways from Elon Musk. In 2018, scammers raked in $180,000 using a successful Elon Musk giveaway scam promoted on Twitter.

Over the past week, security researcher MalwareHunterTeam has seen an uptick in verified Twitter accounts hacked in a scam promoting another fake Elon Musk cryptocurrency giveaway.

These accounts will reply to tweets, like Elon Musk’s below, and promote a scam where Musk is allegedly giving away free cryptocurrency.

Tweets promoting fake Elon Musk crypto scams
Tweets promoting fake Elon Musk crypto scams

The tweets will contain links that redirect to Medium article promoting the fake giveaway. The articles contain further links to the scam landing pages that state if you send bitcoins to the listed address, they will send you back twice the amount.

Fake Elon Musk/Tesla giveaway site
Fake Elon Musk/Tesla giveaway site

While most of these tweets are using Elon Musk as their theme, some of the hacked accounts are also promoting fake giveaways from Tyler Winklevoss of Gemini Exchange.

A tweet promoting a fake Gemini giveaway
A tweet promoting a fake Gemini giveaway

MalwareHunterTeam told BleepingComputer that most of the accounts hacked for this scam have been dormant without activity from the owner.

“Big %, but not all. At least 2-3 was active within a few weeks to few days, of those one looked possible the last activities was not from the original owner but of course couldn’t verify,” MalwareHunterTeam explained.

As Twitter disabled the ability to verify an account in July after the company was hacked in a massive cryptocurrency scam, verified accounts are in high demand for threat actors.

The attackers are likely targeting dormant verified accounts not to be detected by the owner of the accounts.

BleepingComputer contacted Twitter with questions about this recent scam but did not receive a response.

Scammers rake in over $580k in one week

This scam has been very successful for the threat actors.

From the cryptocurrency addresses collected from landing pages seen by BleepingComputer and MetaMask, the threat actors have earned $587,000 in bitcoin.

The Etherium giveaway scams did not do as well, only generating $2,700 for the scammers.

As there are many landing pages associated with this scam, it is possible that some have been more successfull in scamming people out of their assets.

It is essential to understand that Elon Musk, Tesla, Gemini, or the Winklevoss twins will not send you cryptocurrency and that all these giveaways are scams.

If you wish to give away your cryptocurrency, send it to us: 3Jw4LswKzGzQBRX5s12br6TvJNm5NpQhUV. You won’t get any back, but you will at least fund journalism.