Friday, December 27, 2024

Cybercriminals Exploit Attack on Donald Trump for Crypto Scams


Researchers at Bitdefender Labs remain ever-vigilant, informing users about the latest scams and internet perils that threaten their security and finances.

The latest discovery involves cybercriminals exploiting an alleged assassination attempt on former US President Donald Trump to conduct extensive crypto-doubling schemes.

Stream-Jacking Attacks on YouTube

Stream-jacking attacks on YouTube, where hijacked channels are used to promote fraudulent schemes, are not new. However, cybercriminals continue to refine and adapt their tactics to maximize their reach and success.


In a recent development, threat actors have leveraged the assassination attempt against Donald Trump to lure unsuspecting victims into their crypto-doubling scam.

The Mechanics of the Scam

Bitdefender researchers have identified dozens of hijacked YouTube channels that have been broadcasting deepfake live streams featuring Elon Musk since July 16. These streams purport to reveal insights into the assassination attempt on Trump.


While the videos do not mention the incident, the channel descriptions provide additional context, falsely linking Elon Musk to political support for Trump.

One such description reads, “Elon Musk plans to provide about $45 million a month to a new political committee supporting former US leader Donald Trump as part of the presidential campaign #Tesla #Musk #Trump.”

Another hijacked channel description states, “Former President Donald Trump was the target of an apparent assassination attempt Saturday at a Pennsylvania rally, just days before he was to accept the Republican nomination for a third time.

Amidst a barrage of gunfire, a bloodied Trump, who reported being shot in the ear, was surrounded by Secret Service and hurried to his SUV, all while defiantly pumping his fist.

Trump’s campaign has since stated that the presumptive GOP nominee is doing ‘fine’ after the shooting, which pierced the upper part of his right ear.

The incident set off panic at the rally, with many attendees seeking cover from the unexpected violence. Billionaire Elon Musk reacted to the incident, stating Saturday evening that he ‘fully’ supports Donald Trump.

Musk’s statement has added a new dimension to the unfolding events, hinting at potential political endorsements in the upcoming election. #Tesla #Musk #Trump.”

Hijacked Channels and Deepfake Videos

Not all hijacked YouTube channels have changed their names, but some have been renamed “Tesla” or “Donald Trump Jr.”

The threat actors have stripped these channels of their original content and begun livestreaming the same deepfake video promoting crypto-doubling offers under titles like “Elon Musk Reveals Insights on Trump Assassination Attempt and Election Support.”

The potential reach of this scam is alarming. One of the hijacked channels has 1.26 million subscribers, while others have subscriber counts ranging from 100,000 to over 700,000.

The broadcasts use looped deepfake videos of Elon Musk, encouraging viewers to scan a QR code embedded in the video to participate in a crypto giveaway.

Fraudulent Websites and QR Codes

Scanning these QR codes directs users to fraudulent websites hosted on domains that resemble the impersonated brand, such as Tesla, or that combine Musk’s and Trump’s names.

Examples of these malicious domains include musktrump[.]org, tesla-elon[.]gives, elomusk[.]finance, muskrise[.]io, and taketesla[.]org.

Bitdefender’s anti-phishing and anti-fraud filtering systems have detected and blocked these domains.
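For teams that want to check decoded QR-code targets or proxy-log URLs against the domains listed above, the following is an added example (not code from Bitdefender or from this article). The function names and the sample URLs in the comments and tests are constructed for illustration; only the five defanged domains come from the article.

```python
from urllib.parse import urlsplit

# Defanged indicators exactly as listed in the article.
DEFANGED = [
    "musktrump[.]org", "tesla-elon[.]gives", "elomusk[.]finance",
    "muskrise[.]io", "taketesla[.]org",
]

def refang(indicator):
    """Turn a defanged indicator (hxxp, [.]) back into a plain host or URL."""
    s = indicator.strip().replace("[.]", ".").replace("(.)", ".")
    if s.lower().startswith("hxxp"):
        s = "http" + s[4:]
    return s

def host_of(url):
    """Extract the lowercase hostname; tolerate scheme-less input."""
    url = refang(url)
    if "://" not in url:
        url = "//" + url          # lets urlsplit parse a bare host/path
    host = urlsplit(url).hostname or ""
    return host.rstrip(".").lower()

BLOCKLIST = {host_of(d) for d in DEFANGED}

def blocked_domain(url):
    """Return the listed domain the URL's host equals or is a subdomain of.

    Matching walks the host label by label, so 'nottaketesla.org' or
    'taketesla.org.example.com' (constructed samples) do not match.
    """
    labels = host_of(url).split(".")
    for i in range(len(labels) - 1):
        candidate = ".".join(labels[i:])
        if candidate in BLOCKLIST:
            return candidate
    return None

def scan(urls):
    """Map each flagged URL to the blocklisted domain it resolves under."""
    hits = {}
    for u in urls:
        match = blocked_domain(u)
        if match:
            hits[u] = match
    return hits
```

Parsing the hostname rather than searching the URL string matters here: a URL such as `https://tesla.com@taketesla.org/` (constructed) is flagged because the real host is the part after `@`.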

Protecting Against Crypto-Doubling Scams

Vigilance and adherence to good cyber practices are crucial to avoid such scams.

Bitdefender researchers recommend the following steps:

  1. Be Wary of Click-Bait Titles: Avoid videos and links with sensational titles related to Tesla or the attack on Donald Trump.
  2. Check for Malicious Domains: Identify malicious domains and ensure your security systems block them.
  3. Secure Your YouTube Account: Follow dedicated guides to keep your YouTube account safe from hijackers.
  4. Scrutinize Crypto Investment Promises: Be skeptical of messages and videos promising double returns on crypto investments.
  5. Avoid Scanning QR Codes in Videos: Do not scan QR codes in YouTube videos that offer too-good-to-be-true crypto giveaways.
  6. Inspect YouTube Channels for Suspicious Activity: Look for signs such as missing or deleted videos and closed comment sections.
  7. Report Suspicious Activity: Notify the platform or other relevant parties about any suspicious activity.
  8. Use Comprehensive Security Solutions: Employ trusted security solutions that can block phishing attempts and fraudulent links.
  9. Utilize Scamio for Verification: When in doubt, use Bitdefender’s Scamio to analyze texts, messages, links, QR codes, or images for potential scams. Scamio is available on Facebook Messenger, WhatsApp, and web browsers and can be shared with others in various countries.

As cybercriminals continue exploiting high-profile events for their schemes, users must stay informed and vigilant.

Individuals can protect themselves from these sophisticated crypto-doubling scams by following the recommended precautions and utilizing advanced security solutions.


Divya
Divya is a Senior Journalist at GBhackers covering Cyber Attacks, Threats, Breaches, Vulnerabilities and other happenings in the cyber world.
