Malicious Bitcoin Vanity Addresses Used to Scam Users Out of Two Million USD
Bitcoin giveaway scams, while not new, have evolved with the use of a new trick to give the scam more credibility. The “trick” in question involves the use of vanity Bitcoin addresses (addresses that incorporate a custom word into the address itself) in order to convince the victim that the address is legitimate. The cybersecurity firm Adaptiv has tracked the use of over 66 Bitcoin addresses that contain “Elon Musk” (or a variation thereof) created since late April 2020. This particular campaign has been very effective recently. An overview of the 66 Elon Musk vanity addresses shows that since April 2020, 214 Bitcoin, worth approximately two million US dollars, has passed through these accounts. The method used by this actor to distribute the vanity Bitcoin addresses is also quite unique. Hackers will compromise high-follower count YouTube accounts and change the name/graphics to mimic a celebrity or trusted brand. Next, they’ll launch a live stream and broadcast the scam. With the addition of the Bitcoin vanity address, this helps the scam look very credible and convincing.