Researchers at Bitdefender Labs remain ever-vigilant, informing users about the latest scams and internet perils that threaten their security and finances.
The latest discovery involves cybercriminals exploiting an alleged assassination attempt on former US President Donald Trump to conduct extensive crypto-doubling schemes.
Stream-jacking attacks on YouTube, where hijacked channels are used to promote fraudulent schemes, are not new. However, cybercriminals continue to refine and adapt their tactics to maximize their reach and success.
In a recent development, threat actors have leveraged the assassination attempt against Donald Trump to lure unsuspecting victims into their crypto-doubling scam.
Bitdefender researchers have identified dozens of hijacked YouTube channels that have been broadcasting deep fake live streams featuring Elon Musk since July 16. These streams purport to reveal insights into the assassination attempt on Trump.
Protect Your Business Emails From Spoofing, Phishing & BEC with AI-Powered Security | Free Demo
While the videos do not mention the incident, the channel descriptions provide additional context, falsely linking Elon Musk to political support for Trump.
One such description reads, “Elon Musk plans to provide about $45 million a month to a new political committee supporting former US leader Donald Trump as part of the presidential campaign #Tesla #Musk #Trump.
“Another hijacked channel description states, “Former President Donald Trump was the target of an apparent assassination attempt Saturday at a Pennsylvania rally, just days before he was to accept the Republican nomination for a third time.
Amidst a barrage of gunfire, a bloodied Trump, who reported being shot in the ear, was surrounded by Secret Service and hurried to his SUV, all while defiantly pumping his fist.
Trump’s campaign has since stated that the presumptive GOP nominee is doing ‘fine’ after the shooting, which pierced the upper part of his right ear.
The incident set off panic at the rally, with many attendees seeking cover from the unexpected violence. Billionaire Elon Musk reacted to the incident, stating Saturday evening that he ‘fully’ supports Donald Trump.
Musk’s statement has added a new dimension to the unfolding events, hinting at potential political endorsements in the upcoming election. #Tesla #Musk #Trump.”
Not all hijacked YouTube channels have changed their names, but some have been renamed “Tesla” or “Donald Trump Jr.”
The threat actors have stripped these channels of their original content and begun livestreaming the same deepfake video promoting crypto-doubling offers under titles like “Elon Musk Reveals Insights on Trump Assassination Attempt and Election Support.”
The potential reach of this scam is alarming. One of the hijacked channels has 1.26 million subscribers, while others have subscriber counts ranging from 100,000 to over 700,000.
The broadcasts use looped-deep fake videos of Elon Musk, encouraging viewers to scan a QR code embedded in the video to participate in a crypto giveaway.
Scanning these QR codes directs users to fraudulent websites hosted on domains resembling the impersonated brand, such as Tesla, or domains that associate Musk’s and Trump’s names.
Examples of these malicious domains include musktrump[.]org, tesla-elon[.]gives, elomusk[.]finance, muskrise[.]io, and taketesla[.]org.
Bitdefender’s anti-phishing and anti-fraud filtering systems have detected and blocked these domains.
Vigilance and adherence to good cyber practices are crucial to avoid such scams.
Bitdefender researchers recommend the following steps:
As cybercriminals continue exploiting high-profile events for their schemes, users must stay informed and vigilant.
Individuals can protect themselves from these sophisticated crypto-doubling scams by following the recommended precautions and utilizing advanced security solutions.
Join our free webinar to learn about combating slow DDoS attacks, a major threat today.
The VIPKeyLogger infostealer, exhibiting similarities to the Snake Keylogger, is actively circulating through phishing campaigns. …
INTERPOL has called for the term "romance baiting" to replace "pig butchering," a phrase widely…
Cybersecurity experts are sounding the alarm over a new strain of malware dubbed "I2PRAT," which…
A new cyber campaign by the advanced persistent threat (APT) group Earth Koshchei has brought…
Recent research has linked a series of cyberattacks to The Mask group, as one notable…
RiseLoader, a new malware family discovered in October 2024, leverages a custom TCP-based binary protocol…