Crypto Scammers Exploit Microsoft India’s Verified Twitter Account

Microsoft's official, gold-verified India Twitter/X account has been compromised in a SIM-swapping attack.


A recent cyberattack has compromised Microsoft's official Twitter account in India, exposing over 211,000 followers to a scam. The hackers, posing as Roaring Kitty (an alias for the popular trader Keith Gill), have aimed to trick users into connecting their cryptocurrency wallets to a malicious site. The breach was announced and detailed by X's Safety team.

By exploiting the account's gold verification checkmark, the attackers sought to establish trustworthiness. They have leveraged Keith Gill's recent online visibility to mislead users, directing them to a fake website (presaIe-roaringkitty[.]com) that purports to host a GameStop cryptocurrency presale. Users deceived into linking their wallets risk having their assets compromised by drainer malware.

Extending Reach with Retweet Bots

To maximize exposure, the scammers have employed bot accounts to retweet posts from the compromised handle, thereby increasing the malicious content's visibility. This method is designed to expand their potential victim pool by artificially boosting the posts' prominence.

There has been a noticeable uptick in the hijacking of verified Twitter accounts that belong to both governmental and business entities, often marked with 'gold' or 'grey' checkmarks. Such accounts are frequently used to lend authenticity to misleading tweets that guide users to phishing sites related to cryptocurrency scams or malware. One example is the recent breach of the U.S. Securities and Exchange Commission's (SEC) account through a SIM-swapping attack, which led to a false announcement about Bitcoin ETFs, temporarily influencing Bitcoin prices. The SEC's account was not protected by two-factor authentication at that time.

Other similar incidents involve the Twitter accounts of companies like Netgear and Hyundai MEA, as well as the Web3 security firm CertiK, all of which were compromised to promote cryptocurrency wallet drainers. The hijacking of verified accounts has been on the rise, providing scammers with a facade of credibility.

Surge in Malicious Crypto Advertisements

Twitter users have also faced a wave of malicious cryptocurrency ads that lead to scams, fake airdrops, and wallet drainers. According to blockchain threat analysis firm ScamSniffer, a notorious wallet drainer named 'MS Drainer' has reportedly stolen around $59 million from approximately 63,000 individuals between March and November.

Hackers modified the description of 's hijacked account to focus on stock-picking and investment advice, with claims of live streams for educational purposes. Despite some fraudulent posts being removed, hackers persist in reposting from the compromised account, which remains unsecured.

The trend of targeting verified accounts can be attributed to the credibility these accounts inherently possess, making deceptive tactics more effective. Techniques such as SIM-swapping and social engineering underscore vulnerabilities in current security protocols. Additionally, the increasing prominence of cryptocurrency attracts cybercriminal activities.

Source: X Safety
Luke Jones