Cybercriminals Exploit Attack on Donald Trump for Crypto Scams

Researchers at Bitdefender Labs remain ever-vigilant, informing users about the latest scams and internet perils that threaten their security and finances.

The latest discovery involves cybercriminals exploiting an alleged assassination attempt on former US President Donald Trump to conduct extensive crypto-doubling schemes.

Stream-Jacking Attacks on YouTube

Stream-jacking attacks on YouTube, where hijacked channels are used to promote fraudulent schemes, are not new. However, cybercriminals continue to refine and adapt their tactics to maximize their reach and success.

In a recent development, threat actors have leveraged the assassination attempt against Donald Trump to lure unsuspecting victims into their crypto-doubling scam.

The Mechanics of the Scam

Bitdefender researchers have identified dozens of hijacked YouTube channels that have been broadcasting deepfake live streams featuring Elon Musk since July 16. These streams purport to reveal insights into the assassination attempt on Trump.

While the videos do not mention the incident, the channel descriptions provide additional context, falsely linking Elon Musk to political support for Trump.

One such description reads, “Elon Musk plans to provide about $45 million a month to a new political committee supporting former US leader Donald Trump as part of the presidential campaign #Tesla #Musk #Trump.”

Another hijacked channel description states, “Former President Donald Trump was the target of an apparent assassination attempt Saturday at a Pennsylvania rally, just days before he was to accept the Republican nomination for a third time.

Amidst a barrage of gunfire, a bloodied Trump, who reported being shot in the ear, was surrounded by Secret Service and hurried to his SUV, all while defiantly pumping his fist.

Trump’s campaign has since stated that the presumptive GOP nominee is doing ‘fine’ after the shooting, which pierced the upper part of his right ear.

The incident set off panic at the rally, with many attendees seeking cover from the unexpected violence. Billionaire Elon Musk reacted to the incident, stating Saturday evening that he ‘fully’ supports Donald Trump.

Musk’s statement has added a new dimension to the unfolding events, hinting at potential political endorsements in the upcoming election. #Tesla #Musk #Trump.”

Hijacked Channels and Deepfake Videos

Not all hijacked YouTube channels have changed their names, but some have been renamed “Tesla” or “Donald Trump Jr.”

The threat actors have stripped these channels of their original content and begun livestreaming the same deepfake video promoting crypto-doubling offers under titles like “Elon Musk Reveals Insights on Trump Assassination Attempt and Election Support.”

The potential reach of this scam is alarming. One of the hijacked channels has 1.26 million subscribers, while others have subscriber counts ranging from 100,000 to over 700,000.

The broadcasts use looped deepfake videos of Elon Musk, encouraging viewers to scan a QR code embedded in the video to participate in a crypto giveaway.

Fraudulent Websites and QR Codes

Scanning these QR codes directs users to fraudulent websites hosted on domains resembling the impersonated brand, such as Tesla, or domains that associate Musk’s and Trump’s names.

Examples of these malicious domains include musktrump[.]org, tesla-elon[.]gives, elomusk[.]finance, muskrise[.]io, and taketesla[.]org.

Bitdefender’s anti-phishing and anti-fraud filtering systems have detected and blocked these domains.
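As an added example (not Bitdefender's code), the sketch below shows one way to check a URL decoded from a QR code or taken from a proxy log against the domains listed above, including subdomains, and to flag unlisted hosts that embed the impersonated names. The keyword list, the allowlist entry and the sample URLs in the test are assumptions chosen for illustration.

```python
from urllib.parse import urlsplit

# Indicators exactly as the article lists them (defanged with "[.]").
DEFANGED_IOCS = [
    "musktrump[.]org", "tesla-elon[.]gives", "elomusk[.]finance",
    "muskrise[.]io", "taketesla[.]org",
]
# Assumptions for illustration: keyword list and the legitimate-domain allowlist.
BRAND_KEYWORDS = ("tesla", "musk", "trump")
ALLOWLIST = {"tesla.com"}


def refang(text):
    """Undo common defanging so indicators compare equal to live hostnames."""
    return text.strip().lower().replace("[.]", ".").replace("hxxp", "http")


BLOCKLIST = {refang(ioc) for ioc in DEFANGED_IOCS}


def host_of(url):
    """Extract the hostname from a full URL or a bare domain."""
    url = refang(url)
    if "://" not in url:
        url = "//" + url  # lets urlsplit treat a bare domain as the host
    return (urlsplit(url).hostname or "").rstrip(".")


def parent_domains(host):
    """'a.b.example.org' -> ['a.b.example.org', 'b.example.org', 'example.org']."""
    labels = host.split(".")
    return [".".join(labels[i:]) for i in range(len(labels) - 1)]


def classify(url):
    """Return 'block', 'review' or 'allow' for a URL from a QR code or log line."""
    host = host_of(url)
    parents = parent_domains(host)
    if any(p in BLOCKLIST for p in parents):
        return "block"   # listed domain or any subdomain of it
    if any(p in ALLOWLIST for p in parents):
        return "allow"   # genuine brand domain, matched by suffix, not substring
    if any(k in host for k in BRAND_KEYWORDS):
        return "review"  # brand name in an unlisted host: lookalike candidate
    return "allow"
```

Matching on parent domains rather than substrings is what keeps a host such as `tesla.com.giveaway.example` from being treated as the genuine `tesla.com`.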

Protecting Against Crypto-Doubling Scams

Vigilance and adherence to good cyber practices are crucial to avoid such scams.

Bitdefender researchers recommend the following steps:

  1. Be Wary of Click-Bait Titles: Avoid videos and links with sensational titles related to Tesla or the attack on Donald Trump.
  2. Check for Malicious Domains: Identify malicious domains and ensure your security systems block them.
  3. Secure Your YouTube Account: Follow dedicated guides to keep your YouTube account safe from hijackers.
  4. Scrutinize Crypto Investment Promises: Be skeptical of messages and videos promising double returns on crypto investments.
  5. Avoid Scanning QR Codes in Videos: Do not scan QR codes in YouTube videos that offer too-good-to-be-true crypto giveaways.
  6. Inspect YouTube Channels for Suspicious Activity: Look for signs such as missing or deleted videos and closed comment sections.
  7. Report Suspicious Activity: Notify the platform or other relevant parties about any suspicious activity.
  8. Use Comprehensive Security Solutions: Employ trusted security solutions that can block phishing attempts and fraudulent links.
  9. Utilize Scamio for Verification: When in doubt, use Bitdefender’s Scamio to analyze texts, messages, links, QR codes, or images for potential scams. Scamio is available on Facebook Messenger, WhatsApp, and web browsers and can be shared with others in various countries.

As cybercriminals continue exploiting high-profile events for their schemes, users must stay informed and vigilant.

Individuals can protect themselves from these sophisticated crypto-doubling scams by following the recommended precautions and utilizing advanced security solutions.

Divya

Divya is a Senior Journalist at GBhackers covering Cyber Attacks, Threats, Breaches, Vulnerabilities and other happenings in the cyber world.
