Hackers Turn Twitter of Belgian Non-Profit Into Fake Coinbase Promo Account

Published at: Jan. 10, 2019

The Twitter account of a Belgian non-profit was evidently hacked and made into a fake affiliate account of United States crypto exchange Coinbase. The impersonating account posted what what appeared to be a scam giveaway promotion, allegedly celebrating Coinbase's user base growth in a tweet today, Jan. 9, that has since been deleted.

Scammers had targeted the account of the Federation of Enterprises in Belgium (FEB), a non-profit organization that aims to promote the interests of Belgian businesses.

After taking control of the FEB’s Twitter account, the scammers transformed the account to appear to be affiliated with Coinbase. The account’s description read “Official Coinbase Promotion Account,” and its profile and cover photos featured Coinbase branding, as well as a link to Coinbase’s official site.  

The scammers were unable to change the Twitter account’s handle, which remained @VBOFEB, a combination of the abbreviations of the organization’s name in Dutch and French.

Screenshot from the FEB’s hacked Twitter account impersonating a Coinbase promotion account, Jan. 9

By press time, Coinbase branding has been removed from the Twitter account, though retweets from Coinbase’s official account still remain in the account’s feed.

Screenshot of the FEB’s Twitter account at press time, Jan. 9

The scam giveaway tweet posted today mimics a common crypto scam model on Twitter, urging followers to send a small amount of crypto in order to receive a larger amount. The scammers’ tweet urged users to participate in a fraudulent 3,000 BTC giveaway, allegedly in honor of Coinbase’s user base growth to “over 30,000.000 [sic] users.”

Screenshot of fake Coinbase tweet promoting a scam giveaway

In addition to the Twitter account’s handle, other signs that the giveaway tweet and accounts were a scam included inconsistent number formatting and grammatical errors. Coinbase’s alleged user base, according to the tweet, was “30,000.000,” or thirty thousand, while the giveaway statement also read: “We giving [sic] away 3 000 BTC.”

In October, Ran Neuner, the host of CNBC’s Crypto Trader, revealed that the number of Coinbase user accounts had reached 25 million by that time, with 600,000 user actively trading on the platform.

At press time, the FEB has not replied to Cointelegraph’s request for comment.

Crypto-related giveaway scams on Twitter often involve scammers impersonating major industry names, such as Charlie Lee or Elon Musk, subtly changing characters in the original account’s name to dupe users.

Tags
Cryptocurrencies
Hackers
Coinbase
Twitter
Bitcoin Scams
Related Posts
Recent Firefox Zero-Day Flaw Was Used in Attacks Against Coinbase’s Employees
The recent Firefox’s zero-day security flaw was used in attacks against major crypto exchange and wallet service Coinbase, according to a tweet from Coinbase security researcher Philip Martin posted on June 20. As Martin found, the reported critical zero-day vulnerability in Mozilla’s Firefox web browser, which was announced on June 18, has actually emerged along with another zero-day flaw that targeted Coinbase employees, meaning that there were two separate Firefox zero-day attacks. The Coinbase security expert tweeted: “On Monday, Coinbase detected & blocked an attempt by an attacker to leverage the reported 0-day, along with a separate 0-day firefox sandbox …
Cryptocurrency Exchange / June 20, 2019
Report: Google G Suite Twitter Account Compromised to Promote 10,000 Bitcoin Scam
The official Twitter account of Google's G Suite was reportedly compromised to promote a Bitcoin (BTC) giveaway scam, technology and business news outlet the Next Web reported Nov. 13. The G Suite Twitter account was reportedly hacked to advertise a BTC giveaway scam to the page’s more than 800,000 followers. Scammers supposedly spread a message luring users to participate in a fraudulent 10,000 BTC giveaway, concurrently announcing that Google’s G Suite now accepts cryptocurrency as a means of payment. Screenshot of the scam message. Source: The Next Web According to the Hard Fork, the message disappeared barely more than 10 …
Cryptocurrencies / Nov. 14, 2018
Android Malware Targets Users of 32 Crypto Apps, Including Coinbase, BitPay
A new strain of Trojan malware for Android phones is targeting global users of top crypto apps such as Coinbase, BitPay and Bitcoin Wallet, as well as banks including JPMorgan, Wells Fargo, and Bank of America. The news was reported by technology news outlet The Next Web on March 28. Based on research from prominent cybercrime analytics firm Group-IB, this is reportedly the first time the Trojan — now named “Gustuff” — has been reported or analyzed. The malware is described as being designed for mass infection and is spread by SMS messages with links to load malicious Android package …
Cryptocurrencies / March 29, 2019
Indian prime minister Modi's hacked Twitter account attempts BTC scam
The official Twitter account of Indian Prime Minister Narendra Modi got compromised earlier today, which was then used to share misleading information about the mainstream adoption of Bitcoin (BTC) and redistribution of 500 BTC among the Indian citizens. On Dec. 10, Modi said in a virtual event virtual summit hosted by US President Joe Biden that technologies such as cryptocurrencies should be used to empower democracy and not undermine it: “By working together, democracies can meet the aspirations of our citizens and celebrate the democratic spirit of humanity.” While the long-awaited Lok Sabha Winter Session, a parliamentary meetup intended to …
Adoption / Dec. 12, 2021
Hackers Steal $100,000+ Worth of BTC From Engineering Manager at Crypto Custodian BitGo
Sean Coonce, engineering manager at cryptocurrency custodian BitGo, announced that he has fallen victim to a SIM swapping hack in a Medium post published on May 20. According to the post, Coonce had over $100,000 siphoned out of his account on cryptocurrency exchange Coinbase in under 24 hours. In his post, Coone details SIM swapping, a practice that sees the attacker maliciously requesting a telecommunications carrier to redirect the traffic of a mobile phone number to a device over which they have control. This device is then used to obtain two-factor-authentication (2FA) codes which grant control over the victim’s online …
Cryptocurrency Exchange / May 22, 2019