New Threat Research: MalSync Teardown: From DLL Hijacking to PHP Malware for Windows  

Read Threat Research

Search

New Elon Musk Club Crypto Giveaway Scam

A new Elon Musk-themed cryptocurrency giveaway scam called either the “Elon Musk Mutual Aid Fund” or “Elon Musk Club” is being promoted through spam email campaigns that started over the past few weeks. Similar crypto scams have been hugely successful and have generated hundreds of thousands of dollars in the past. For example, scammers made $180K in a single day in 2018, Twitter suffered a massive attack where crypto scammers earned $580K in a week in January 2021, and then another scam stole $145K in February. Just last week, someone sent three bitcoins, or $150,074 at the time, to a known crypto giveaway scam. While most cryptocurrency scams target social media users, scammers are also using email to deliver these campaigns. The phishing emails themselves are low effort and include strange, non-descriptive subjects and messages. However, they include an HTML attachment named simply “Get Free Bitcoin – [id].htm” or “Elon Musk Club – [id].htm.” These HTML attachments redirect the browser to a webpage pretending to be an “Elon Musk – Mutual aid fund” that promises to send 0.001 to 0.055 bitcoins to all users who participate. When the user clicks on the `Accept an invitation` button, the browser will be directed to another site called “Bitcoin Donate,” located at https://bitcoindonateur[.]site/. The victim is then prompted to enter a bitcoin address to receive the free bitcoin, a name, and an optional picture at this site. When the ‘Accept donate’ button is clicked, the site will be redirected through a series of pages that pretend to be users donating .001 bitcoin to the designated account. After the account has accrued 0.055 of fake bitcoin donations, the user will be brought to a final page stating that they must first donate 0.001 bitcoins to another user to receive the “financial assistance.” However, these bitcoin addresses are owned by the scammers who take the “donation” but do not send anything in return. So far researchers have seen two bitcoin addresses associated with these scams. While the scammers have only earned approximately $3,661 from these two addresses, many other bitcoin addresses are likely used in this scam. Even worse, while writing this article, the second bitcoin address received three more “donations” showing that this scam continues to be successful.

Analyst Notes

As these scams have the potential to generate a large amount of money for threat actors, they are not going away any time soon and will likely continue to spread to other messaging platforms. Therefore, everyone needs to recognize that almost every crypto giveaway site is a scam, especially those that pretend to be from Elon Musk, Tesla, SpaceX, and Gemini. If you receive emails, tweets, or other messages on social media promoting these types of giveaways, it is safer to realize that any cryptocurrency you send will not produce anything in return.

https://www.bleepingcomputer.com/news/security/new-elon-musk-club-crypto-giveaway-scam-promoted-via-email/