halzero.eth
Probably not a robot, maybe | I eat phish wax: whoishalzero

Nov 9, 2022, 12 tweets

Big "Twitter blue" #phishing campaign going on right now, using verified accounts, getting huge interaction. Stay safe fam.

I'll update this thread as I comb over more information, hit follow, activate notifications if you want to get the latest updates fast. 🚨🚨🚨

Being pushed by too many bots to collect count via quote tweets mentioning people, you can't reply to the original tweet. The real Twitter blue account has an NFT pfp

SzAt_0 is the account to block

//twitter-biue[.]com - don't visit it, it's likely going to have a JavaScript wallet drainer and want to connect to your MetaMask etc., and then bye bye everything 🚨

@CloudflareAbuse @Cloudflare think we can get an interstitial please 🙏

@CloudflareAbuse @Cloudflare yep, I'm like 99% it's a common wallet drainer known as monkey drainer / seaport drainer or some fork of it. Claims to be able to drain a wallet with only one signature request. I've seen this large block of code before in a sample I've deobfuscated (this is obfuscated).

@CloudflareAbuse @Cloudflare Obfuscation is a technique used by malware developers to make code difficult for humans to read but still easy for computers. You see it a lot in JavaScript, as the code needs to be public because it runs inside the victim's browser. Deobfuscation is reversing it back to normal.

always good to do a quick view source on the page, not very helpful but the tool they used to clone the real page left some information in there.

if anyone watching knows a tool or something to pull the destination addresses out of the JS let me know

that account went down fast, @elonmusk ain't messing around

@elonmusk same but in Spanish¿ no interactions though
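
For the request above for a way to pull destination addresses out of the JS, here is a static triage sketch in Python, added as an example and not part of the original thread or any tool the author used. It only undoes hex/unicode string escapes and split string literals before searching for 20-byte `0x` values; addresses built at runtime or held in an encoded string array still need a proper deobfuscator. The sample script and every address in it are constructed.

```python
import re

# A 20-byte hex value that is not part of a longer hex run (tx hash, key, calldata).
ADDRESS_RE = re.compile(r"(?<![0-9a-fA-F])0x[0-9a-fA-F]{40}(?![0-9a-fA-F])")
ESCAPE_RE = re.compile(r"\\x([0-9a-fA-F]{2})|\\u([0-9a-fA-F]{4})")
CONCAT_RE = re.compile(r"""(["'])\s*\+\s*\1""")  # "abc" + "def" -> "abcdef"
ZERO_ADDRESS = "0x" + "0" * 40  # placeholder value, skipped in the report


def normalise(js_source: str) -> str:
    """Undo hex/unicode escapes and literal concatenation without running the JS."""
    decoded = ESCAPE_RE.sub(lambda m: chr(int(m.group(1) or m.group(2), 16)), js_source)
    return CONCAT_RE.sub("", decoded)


def extract_addresses(js_source: str) -> dict[str, int]:
    """Return {lowercased address: occurrence count}, in order of first appearance."""
    counts: dict[str, int] = {}
    for match in ADDRESS_RE.finditer(normalise(js_source)):
        addr = match.group(0).lower()
        if addr != ZERO_ADDRESS:
            counts[addr] = counts.get(addr, 0) + 1
    return counts


# Constructed sample: none of these values come from the phishing page.
ADDR_A = "0x" + "a1" * 20   # appears fully hex-escaped
ADDR_B = "0x" + "B2" * 20   # appears split across two literals, then in the clear
TX_HASH = "0x" + "c3" * 32  # 32-byte value that must not be reported as an address
SAMPLE_JS = (
    'var _0x1f=["' + "".join(f"\\x{ord(c):02x}" for c in ADDR_A) + '"];\n'
    + 'const to = "' + ADDR_B[:10] + '" + "' + ADDR_B[10:] + '";\n'
    + 'log("' + ADDR_B + '", "' + TX_HASH + '", "' + ZERO_ADDRESS + '");\n'
)

if __name__ == "__main__":
    for address, seen in extract_addresses(SAMPLE_JS).items():
        print(f"{address}  seen {seen}x")
```

Run it against a saved copy of the page source rather than a live browser session, so nothing from the page executes.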
