Key Takeaways
An OpenAI account on X was reportedly hacked and linked to a cryptocurrency scam on Monday – marking the latest in a concerning string of crypto-related security breaches on the platform.
The compromised account posted a link to a scam website and advertised a new OpenAI-themed crypto.
The breach occurred on the company’s “Newsmaker” account, which promoted a crypto token called “$OPENAI.”
The phony post told users to buy an early piece of the token’s initial supply in order to gain access to future beta programs.
“We’re very happy to announce $OPEANAI: the token bridging the gap between Al and blockchain technology,” the post read.
“All OpenAI users are eligible to claim a piece of $OPENAI’s initial supply. Holding $OPENAI will grant access to all of our future beta programs.”
Tim Callan, Chief Experience Officer at cloud security firm Sectigo, told CCN that phishing attacks are “incredibly hard to prevent.”
“Employees should be trained in order to be able to realise when they could be targets of phishing attacks, but businesses should also look at tried-and-tested technologies and implement phishing prevention infrastructures through their IT ecosystems,” he said.
The sheer number of X hacks, especially those linked to crypto scams, is a big concern. OpenAI alone has suffered repeated crypto scam hacks to its high-profile staff accounts.
In June, OpenAI chief scientist Jakub Pachocki and researcher Jason Wei had their X accounts compromised, posting the same scam link as the Newsroom account.
A year prior, OpenAI CTO Mira Murati’s X account was hacked, and a fake token was posted.
Of course, the wave of crypto-related X scams does not just affect OpenAI. Last week, a wave of U.K. politicians had their X accounts compromised .
The identical posts read: “THIS IS HACKED ACCOUNT!!!! INTRODUCING HACKED ON SOLANA on each account we hack we publish the token address so we pump it and make profits together.”
In 2020, hackers managed to infiltrate the accounts of Apple, Joe Biden, Barack Obama, and Elon Musk to post a scam bitcoin wallet. Users were told their money would be doubled and sent back.
The botched posts were seen by over 350 million people.
When the SEC’s X account was hacked in January, concerns about safety on the platform reached a fever pitch.
During the time of the hack, the SEC was in the process of deciding whether to approve Bitcoin Traded Exchange Traded Funds (ETFs). Hackers infiltrated the account to post that the agency had approved them.
Shortly after the hack, SEC Chair Gary Gensler issued a statement confirming, “the SEC has not approved the listing and trading of spot bitcoin exchange-traded products.”
The SEC also said it would work “with law enforcement and our partners across government to investigate the matter and determine appropriate next steps relating to both the unauthorized access and any related misconduct.”
While most eyes were on X to tighten security on the platform, Elon Musk’s social media company pointed the blame at the agency.
The safety team at X posted that the agency’s X account did not have two-factor authentication enabled at the time. This had allowed an “unidentified individual” to access the account through a phone number associated with it.
“We encourage all users to enable this extra layer of security,” the platform wrote.
The rise of crypto scams is placing increased pressure on BigTech to navigate new risks for their users. Last month, the Australian Competition and Consumer Commission (ACCC) found that half of crypto-related Facebook ads were scams.
The ACCC alleged that Meta had been aware of crypto scams in its ads for the past six years.
“Meta has been aware that a significant proportion of cryptocurrency advertisements on the Facebook platform have used misleading or deceptive promotional practices,” the company said in a court ruling.
As well as social media hacks, BigTech is having to compete with the proliferation of deepfake technology.
According to a survey by Regula, synthetic identity fraud, which combines both fake and real identity features, emerged as the most prevalent AI-generated scams, accounting for 46% of reported cases.
Alex Saleh, Head of Partnerships at blockchain protection company Coincover, told CCN that it is imperative that the industry “adopts stringent standards across the board” to protect investors and the integrity of the crypto market.
“With crypto, it’s too easy to lose funds without any means of recovering them and the security of digital assets can no longer be taken for granted,” Saleh said.
According to the FBI, U.S citizens lost $5.6 billion to cryptocurrency scams in 2023, marking a 45% increase from a year prior.
In the first six months of 2024, the net losses from crypto scams reached $1.9 billion.
The FBI believes that the decentralized nature of the cryptocurrency industry is a key reason why scams are rising. Hackers are able to pursue quick and irreversible transactions globally.
“Scams targeting investors who use cryptocurrency are skyrocketing in severity and complexity,” FBI Director Christopher Wray said.