Bitcoin
Bitcoin (BTC)
$62,285.00 3.25037
Bitcoin price
Ethereum
Ethereum (ETH)
$2,435.19 4.54331
Ethereum price
BNB
BNB (BNB)
$556.35 2.76832
BNB price
Solana
Solana (SOL)
$143.82 6.48381
Solana price
XRP
XRP (XRP)
$0.532553 3.04173
XRP price
Shiba Inu
Shiba Inu (SHIB)
$0.0000175 10.47735
Shiba Inu price
Pepe
Pepe (PEPE)
$0.0000094 10.64696
Pepe price
Bonk
Bonk (BONK)
$0.0000219 10.26598
Bonk price
Bitcoin
Bitcoin (BTC)
$62,285.00 3.25037
Bitcoin price
Ethereum
Ethereum (ETH)
$2,435.19 4.54331
Ethereum price
BNB
BNB (BNB)
$556.35 2.76832
BNB price
Solana
Solana (SOL)
$143.82 6.48381
Solana price
XRP
XRP (XRP)
$0.532553 3.04173
XRP price
Shiba Inu
Shiba Inu (SHIB)
$0.0000175 10.47735
Shiba Inu price
Pepe
Pepe (PEPE)
$0.0000094 10.64696
Pepe price
Bonk
Bonk (BONK)
$0.0000219 10.26598
Bonk price
Bitcoin
Bitcoin (BTC)
$62,285.00 3.25037
Bitcoin price
Ethereum
Ethereum (ETH)
$2,435.19 4.54331
Ethereum price
BNB
BNB (BNB)
$556.35 2.76832
BNB price
Solana
Solana (SOL)
$143.82 6.48381
Solana price
XRP
XRP (XRP)
$0.532553 3.04173
XRP price
Shiba Inu
Shiba Inu (SHIB)
$0.0000175 10.47735
Shiba Inu price
Pepe
Pepe (PEPE)
$0.0000094 10.64696
Pepe price
Bonk
Bonk (BONK)
$0.0000219 10.26598
Bonk price
Bitcoin
Bitcoin (BTC)
$62,285.00 3.25037
Bitcoin price
Ethereum
Ethereum (ETH)
$2,435.19 4.54331
Ethereum price
BNB
BNB (BNB)
$556.35 2.76832
BNB price
Solana
Solana (SOL)
$143.82 6.48381
Solana price
XRP
XRP (XRP)
$0.532553 3.04173
XRP price
Shiba Inu
Shiba Inu (SHIB)
$0.0000175 10.47735
Shiba Inu price
Pepe
Pepe (PEPE)
$0.0000094 10.64696
Pepe price
Bonk
Bonk (BONK)
$0.0000219 10.26598
Bonk price

X users at risk as crypto scammers exploit new design flaw

x-users-at-risk-as-crypto-scammers-exploit-new-design-flaw
Edited by
News
X users at risk as crypto scammers exploit new design flaw

Crypto scammers have found a new way to abuse X interface to propagate scams, fake giveaways, and deceptive Telegram channels.

As reported by BleepingComputer, fraudsters have started actively taking advantage of what appears to be a user interface flaw, enabling them to create seemingly legitimate URLs containing malicious content.

This flaw, initially identified by X user @rcwht_, empowers scammers to publish tweets that mimic those from authentic accounts.

According to BleepingComputer, scammers can change the status_id field while putting the legitimate tag in the account_name field. For instance:

https://x.com/[account_name]/status/[status_id] would look like https://x.com/itscrypto_news/status/1736650221243826564

In the example above, the link would be displayed as if it were posted by crypto.news. However, when a user opens the link, it redirects them to Elon Musk‘s post as the status ID fetches the corresponding post from the website’s database without verifying if the post is linked to the account_name field.

The vulnerability apparently allows scammers to modify the account name, even for high-profile accounts. As a result, fraudsters have been exploiting the flaw for a few weeks now, targeting crypto-related accounts such as Binance, Ethereum Foundation, and many others with fake airdrops, security researcher MalwareHunterTeam told BleepingComputer.

The report notes that this redirect is a standard X feature and is unlikely to change for enhanced security. Consequently, users are advised to scrutinize the address bar when clicking on X links to confirm they visit the intended tweet without redirection.