Microstrategy X Account Hack Sees Over $400,000 Lost

Reading Time: 2 minutes
  • Hackers have breached the security of Microstrategy’s X account and are promoting a fake token airdrop
  • The malicious actors are using the airdrop to steal funds from connected wallets
  • Unsuspecting Microstrategy X account followers have lost over $400,000

Malicious actors have taken hold of Microstrategy’s X account in their quest to steal assets from web3 users. The hackers breached the business intelligence firm’s X account yesterday February 25 and started promoting a fake Ethereum token airdrop. Unsuspecting followers who interacted with the links provided saw their crypto wallets drained with one such victim losing about $420,000, an indication that scammers are preying on the trust of Microstrategy’s X account followers.

A Phony Microstrategy Website

According to on-chain investigator Scam Sniffer, the individual who lost over $420,000 clicked a link “from the compromised Microstrategy X account.” Another blockchain sleuth, ZachXBT, estimated that the malicious actors have cumulatively stolen approximately $440,000 “so far.”

Entities that investigated the trail of events reported that the malicious links directed followers to a phony Microstrategy website. The website asked visitors to connect their wallets to be able to claim the free tokens, after which their funds were drained.

Microstrategy seems to have taken back control of the account since the scammers’ posts were missing at the time of writing. The firm is, however, yet to provide a statement about the incident.

The hack comes barely two weeks after researchers unearthed the bit-flip attack used by scammers to drain crypto wallets. The new tactic enables malicious actors to change a transaction’s details after signing.

SEC Blames a SIM Swap Attack

Microstrategy isn’t the first crypto-affiliated firm whose X account has been compromised. Ethereum-based staking platform Rocket Pool, for example, recently suffered the same attack with hackers directing followers to a wallet drainer.

Others that have suffered the same sting include the United States Securities watchdog SEC which blamed the incident on a SIM swap attack.

With Microstrategy yet to address the incident, it remains unclear whether the hack was preceded by a SIM swap attack.