Hackers leveraged MicroStrategy social media to orchestrate a $440,000 phishing heist.

MicroStrategy’s official

Blockchain security company PeckShield was quick to warn that the post in question contained a phishing link that redirected to a copycat website of a Bitcoin holding company.

The malicious post has since been deleted, but MicroStrategy has not yet commented on the incident as of press time.

MicroStrategy is the largest corporate holder of BTC, with its holdings recently surpassing $10 billion. According to Saylortracker data, the company’s 190,000 BTC is now worth $9.7 billion, with unrealized profits of $3.7 billion.

$440,000 stolen

On-Chain Detective ZachXBT exposed The attackers allegedly stole about $440,000 from users who unknowingly clicked on the posts.

Scam Sniffer, a Web3 fraud prevention platform, reported Most of the funds may have been stolen from a single victim. According to the company, the victim appears to have “signed a batch of Uniswap Permit2 permits providing multi-token authorization” to the attackers. Some of the stolen assets included relatively unknown tokens such as: wBAI, wPOKTand Chex.

Etherscan data shows that the attackers have already begun moving the stolen funds, with 62.97 Ethereum worth $195,000 remaining in the exploiters’ addresses as of press time.

Phishing attacks are widespread in cryptocurrency.

Phishing scams are one of the most popular ways for malicious actors to steal funds from unsuspecting cryptocurrency users.

Cryptocurrency scammers often lure their targets by compromising the social media accounts of well-known projects. They promise fake airdrops through phishing links and trick unsuspecting individuals into giving them access to their funds. As a result, victims unknowingly allow attackers to steal their funds by clicking on these links.

Scam Sniffer said attacks of this nature resulted in losses of around $300 million from over 320,000 cryptocurrency users throughout 2023.