Bitcoin
Bitcoin (BTC)
$60,983.00 -4.81585
Bitcoin price
Ethereum
Ethereum (ETH)
$3,292.87 -5.26065
Ethereum price
BNB
BNB (BNB)
$563.65 -3.56091
BNB price
Solana
Solana (SOL)
$126.99 -3.44094
Solana price
XRP
XRP (XRP)
$0.4741970 -1.43178
XRP price
Shiba Inu
Shiba Inu (SHIB)
$0.0000168 -5.27361
Shiba Inu price
Pepe
Pepe (PEPE)
$0.0000107 -4.55243
Pepe price
Bonk
Bonk (BONK)
$0.0000202 -0.13937
Bonk price
Bitcoin
Bitcoin (BTC)
$60,983.00 -4.81585
Bitcoin price
Ethereum
Ethereum (ETH)
$3,292.87 -5.26065
Ethereum price
BNB
BNB (BNB)
$563.65 -3.56091
BNB price
Solana
Solana (SOL)
$126.99 -3.44094
Solana price
XRP
XRP (XRP)
$0.4741970 -1.43178
XRP price
Shiba Inu
Shiba Inu (SHIB)
$0.0000168 -5.27361
Shiba Inu price
Pepe
Pepe (PEPE)
$0.0000107 -4.55243
Pepe price
Bonk
Bonk (BONK)
$0.0000202 -0.13937
Bonk price
Bitcoin
Bitcoin (BTC)
$60,983.00 -4.81585
Bitcoin price
Ethereum
Ethereum (ETH)
$3,292.87 -5.26065
Ethereum price
BNB
BNB (BNB)
$563.65 -3.56091
BNB price
Solana
Solana (SOL)
$126.99 -3.44094
Solana price
XRP
XRP (XRP)
$0.4741970 -1.43178
XRP price
Shiba Inu
Shiba Inu (SHIB)
$0.0000168 -5.27361
Shiba Inu price
Pepe
Pepe (PEPE)
$0.0000107 -4.55243
Pepe price
Bonk
Bonk (BONK)
$0.0000202 -0.13937
Bonk price
Bitcoin
Bitcoin (BTC)
$60,983.00 -4.81585
Bitcoin price
Ethereum
Ethereum (ETH)
$3,292.87 -5.26065
Ethereum price
BNB
BNB (BNB)
$563.65 -3.56091
BNB price
Solana
Solana (SOL)
$126.99 -3.44094
Solana price
XRP
XRP (XRP)
$0.4741970 -1.43178
XRP price
Shiba Inu
Shiba Inu (SHIB)
$0.0000168 -5.27361
Shiba Inu price
Pepe
Pepe (PEPE)
$0.0000107 -4.55243
Pepe price
Bonk
Bonk (BONK)
$0.0000202 -0.13937
Bonk price
SirWin
SirWin
SirWin

X users at risk as crypto scammers exploit new design flaw

x-users-at-risk-as-crypto-scammers-exploit-new-design-flaw
Edited by
News
X users at risk as crypto scammers exploit new design flaw

Crypto scammers have found a new way to abuse X interface to propagate scams, fake giveaways, and deceptive Telegram channels.

As reported by BleepingComputer, fraudsters have started actively taking advantage of what appears to be a user interface flaw, enabling them to create seemingly legitimate URLs containing malicious content.

This flaw, initially identified by X user @rcwht_, empowers scammers to publish tweets that mimic those from authentic accounts.

According to BleepingComputer, scammers can change the status_id field while putting the legitimate tag in the account_name field. For instance:

https://x.com/[account_name]/status/[status_id] would look like https://x.com/itscrypto_news/status/1736650221243826564

In the example above, the link would be displayed as if it were posted by crypto.news. However, when a user opens the link, it redirects them to Elon Musk‘s post as the status ID fetches the corresponding post from the website’s database without verifying if the post is linked to the account_name field.

The vulnerability apparently allows scammers to modify the account name, even for high-profile accounts. As a result, fraudsters have been exploiting the flaw for a few weeks now, targeting crypto-related accounts such as Binance, Ethereum Foundation, and many others with fake airdrops, security researcher MalwareHunterTeam told BleepingComputer.

The report notes that this redirect is a standard X feature and is unlikely to change for enhanced security. Consequently, users are advised to scrutinize the address bar when clicking on X links to confirm they visit the intended tweet without redirection.