News

MicroStrategy hack: Fake MSTR AirDrop costs users $440K

The hacked post showed MicroStrategy announcing the launch of a token called MSTR.

Published

on

  • Users had lost a cumulative $440k due to the phishing scam as of this writing.
  • MicroStrategy was yet to officially confirm the hack.

The X (formerly Twitter) account of MicroStrategy, the world’s largest publicly traded holder of Bitcoin [BTC], was compromised and used to post a phishing AirDrop link a few hours ago.

The incident was brought to light by an X user Spreek

at 12:40 am UTC on the 26th of February.

The snippet of the now-deleted post showed MicroStrategy announcing the launch of a token called MSTR, fully backed by its BTC reserves.

Unsuspecting users were lured into clicking the AirDrop link, only to be robbed of their crypto holdings. On-chain investigator ZachXBT

pegged the losses at $440K.

As of this writing, MicroStrategy has yet to officially confirm the hack, and further details are awaited.

Co-founded by Bitcoin maximalist Michal Saylor, MicroStrategy possessed holdings of 190,000 BTC as per its Q4 2023 earnings report. This amounted to a whopping $9.8 billion at prevailing market prices.

Phishing attacks proliferate

According to Web3 anti-scam platform Scam Sniffer, nearly $300 million was lost due to crypto phishing scams in 2023, with over 320K users falling prey to such fraudulent campaigns.

The trend carried into 2024 as around $55 million was stolen in January from over 40K victims.

Analyzing the January trends, Scam Sniffer noted,

“It is evident that there was a theft peak almost every few days, often related to airdrops or popular projects.”

AirDrops were increasingly being used as a weapon to wipe out funds. Last month, the email services of popular Web3 companies were hacked

and used to send AirDrop claim links.

The coordinated phishing attack resulted in losses to the top of $580,000.

Such cases require extra prudence from the users, and it’s always advisable to research before jumping on the offer. Spot red flags like sending any kind of crypto asset before being able to claim AirDropped tokens.