Business intelligence firm MicroStrategy’s X account has been hacked, posting several malicious links to claim a fake airdrop of a nefarious $MSTR token to its nearly 200,000 followers.
Once a user clicks on the link they are directed to a copycat MicroStrategy webpage which directs them to connect a wallet and claim the fake $MSTR airdrop. Once users accept a series of permissions in their Web3 wallet, the attackers can automatically drain the tokens out of the user's wallet.
According to independent blockchain sleuth ZachXBT and anti-scam platform Scam Sniffer, losses incurred from the scam have already tallied over $440,000.
0xe7645b8672b28a17dd0d650a5bf89539c9aa28da
— ZachXBT (@zachxbt) February 26, 2024
~$440K stolen from the compromise so far
Scam Sniffer, an unknown user lost approximately $440,000 to a phishing scam approximately 1 hour ago.
someone lost $424,786 worth of $wBAI, $wPOKT, and $CHEX to phishing scams about 5 minutes ago. pic.twitter.com/GEJvHEXuM7
— Scam Sniffer | Web3 Anti-Scam (@realScamSniffer) February 26, 2024
The time of the attack and the holdings of the attacker’s wallet address match up, suggesting the unknown user fell victim to the MicroStrategy drainer.
This is a developing story, and further information will be added as it becomes available.