Cybercriminals Exploit Attack on Donald Trump for Crypto Scams

Researchers at Bitdefender Labs remain ever-vigilant, informing users about the latest scams and internet perils that threaten their security and finances.

The latest discovery involves cybercriminals exploiting an alleged assassination attempt on former US President Donald Trump to conduct extensive crypto-doubling schemes.

Stream-Jacking Attacks on YouTube

Stream-jacking attacks on YouTube, where hijacked channels are used to promote fraudulent schemes, are not new. However, cybercriminals continue to refine and adapt their tactics to maximize their reach and success.

In a recent development, threat actors have leveraged the assassination attempt against Donald Trump to lure unsuspecting victims into their crypto-doubling scam.

The Mechanics of the Scam

Bitdefender researchers have identified dozens of hijacked YouTube channels that have been broadcasting deepfake live streams featuring Elon Musk since July 16. These streams purport to reveal insights into the assassination attempt on Trump.


While the videos do not mention the incident, the channel descriptions provide additional context, falsely linking Elon Musk to political support for Trump.

One such description reads, “Elon Musk plans to provide about $45 million a month to a new political committee supporting former US leader Donald Trump as part of the presidential campaign #Tesla #Musk #Trump.”

Another hijacked channel description states, “Former President Donald Trump was the target of an apparent assassination attempt Saturday at a Pennsylvania rally, just days before he was to accept the Republican nomination for a third time.

Amidst a barrage of gunfire, a bloodied Trump, who reported being shot in the ear, was surrounded by Secret Service and hurried to his SUV, all while defiantly pumping his fist.

Trump’s campaign has since stated that the presumptive GOP nominee is doing ‘fine’ after the shooting, which pierced the upper part of his right ear.

The incident set off panic at the rally, with many attendees seeking cover from the unexpected violence. Billionaire Elon Musk reacted to the incident, stating Saturday evening that he ‘fully’ supports Donald Trump.

Musk’s statement has added a new dimension to the unfolding events, hinting at potential political endorsements in the upcoming election. #Tesla #Musk #Trump.”

Hijacked Channels and Deepfake Videos

Not all hijacked YouTube channels have changed their names, but some have been renamed “Tesla” or “Donald Trump Jr.”

The threat actors have stripped these channels of their original content and begun livestreaming the same deepfake video promoting crypto-doubling offers under titles like “Elon Musk Reveals Insights on Trump Assassination Attempt and Election Support.”

The potential reach of this scam is alarming. One of the hijacked channels has 1.26 million subscribers, while others have subscriber counts ranging from 100,000 to over 700,000.

The broadcasts use looped deepfake videos of Elon Musk, encouraging viewers to scan a QR code embedded in the video to participate in a crypto giveaway.

Fraudulent Websites and QR Codes

Scanning these QR codes directs users to fraudulent websites hosted on domains that resemble the impersonated brand, such as Tesla, or that combine Musk’s and Trump’s names.

Examples of these malicious domains include musktrump[.]org, tesla-elon[.]gives, elomusk[.]finance, muskrise[.]io, and taketesla[.]org.

Bitdefender’s anti-phishing and anti-fraud filtering systems have detected and blocked these domains.
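
One way to apply these indicators on the defender's side, as an added example (not Bitdefender's code): it refangs the domains listed above, matches them against constructed proxy-log lines, and marks for review any other host that uses the lure keywords outside an official domain. The keyword list, the `tesla.com` allowlist and the log format are assumptions.

```python
from urllib.parse import urlsplit

# Defanged indicators exactly as listed in the article.
ARTICLE_IOCS = ["musktrump[.]org", "tesla-elon[.]gives", "elomusk[.]finance",
                "muskrise[.]io", "taketesla[.]org"]
# Assumptions for this example: lure keywords and the official-domain allowlist.
LURE_TOKENS = ("tesla", "musk", "trump", "elon")
OFFICIAL = {"tesla.com"}

# Constructed proxy-log lines in the form "<timestamp> <client> <url>".
SAMPLE_LOG = """\
2024-07-17T10:02:11Z 10.0.0.5 https://www.tesla.com/model3
2024-07-17T10:02:40Z 10.0.0.7 https://MuskTrump.org/claim
2024-07-17T10:03:05Z 10.0.0.7 https://promo.tesla-elon.gives/?ref=qr
2024-07-17T10:04:19Z 10.0.0.9 https://tesla-bonus.example/x2
2024-07-17T10:05:00Z 10.0.0.9 https://example.org/news
""".splitlines()

def refang(ioc):
    """Turn a defanged indicator (musktrump[.]org) back into a hostname."""
    return ioc.replace("[.]", ".").lower()

BLOCKLIST = {refang(d) for d in ARTICLE_IOCS}

def host_of(url):
    """Extract a lowercased hostname, accepting URLs with or without a scheme."""
    host = urlsplit(url if "://" in url else "//" + url).hostname or ""
    return host.rstrip(".")

def classify(url):
    host = host_of(url)
    labels = host.split(".")
    # Block the listed domains and any subdomain of them.
    if any(".".join(labels[i:]) in BLOCKLIST for i in range(len(labels) - 1)):
        return "block"
    if any(host == o or host.endswith("." + o) for o in OFFICIAL):
        return "allow"
    # Lure keyword on a non-official host: send to an analyst, do not auto-block.
    return "review" if any(t in host for t in LURE_TOKENS) else "allow"

def scan(lines):
    """Return (client, host, verdict) for every log line that is not allowed."""
    hits = []
    for line in lines:
        parts = line.split()
        if len(parts) == 3 and classify(parts[2]) != "allow":
            hits.append((parts[1], host_of(parts[2]), classify(parts[2])))
    return hits

if __name__ == "__main__":
    for hit in scan(SAMPLE_LOG):
        print(*hit)
```

The `review` verdict is a keyword heuristic and will produce false positives on legitimate news or fan sites, so it is suited to triage rather than automatic blocking.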

Protecting Against Crypto-Doubling Scams

Vigilance and adherence to good cyber practices are crucial to avoid such scams.

Bitdefender researchers recommend the following steps:

  1. Be Wary of Click-Bait Titles: Avoid videos and links with sensational titles related to Tesla or the attack on Donald Trump.
  2. Check for Malicious Domains: Identify malicious domains and ensure your security systems block them.
  3. Secure Your YouTube Account: Follow dedicated guides to keep your YouTube account safe from hijackers.
  4. Scrutinize Crypto Investment Promises: Be skeptical of messages and videos promising double returns on crypto investments.
  5. Avoid Scanning QR Codes in Videos: Do not scan QR codes in YouTube videos that offer too-good-to-be-true crypto giveaways.
  6. Inspect YouTube Channels for Suspicious Activity: Look for signs such as missing or deleted videos and closed comment sections.
  7. Report Suspicious Activity: Notify the platform or other relevant parties about any suspicious activity.
  8. Use Comprehensive Security Solutions: Employ trusted security solutions that can block phishing attempts and fraudulent links.
  9. Utilize Scamio for Verification: When in doubt, use Bitdefender’s Scamio to analyze texts, messages, links, QR codes, or images for potential scams. Scamio is available on Facebook Messenger, WhatsApp, and web browsers and can be shared with others in various countries.

As cybercriminals continue exploiting high-profile events for their schemes, users must stay informed and vigilant.

Individuals can protect themselves from these sophisticated crypto-doubling scams by following the recommended precautions and utilizing advanced security solutions.


Divya

Divya is a Senior Journalist at GBhackers covering Cyber Attacks, Threats, Breaches, Vulnerabilities and other happenings in the cyber world.
