In anticipation of Blast’s airdrop Wednesday, a minefield of malicious links cropped up on Twitter as scammers appeared to leverage tools meant for verified organizations.
One suspicious link eventually made its way into Blast's official Discord server too, before a potentially wallet-draining link was swatted down by a community moderator.
Users of the Ethereum layer-2 scaling network were collectively set to receive 17 billion BLAST tokens as part of the network’s initial airdrop. Created by makers of the incentivized NFT marketplace Blur, Blast’s distribution yielded an initial market cap of $392 million.
Myriad fraudulent posts, however, claimed that Blast’s airdrop had started much sooner than anticipated. Bearing the same profile picture and what appeared to be the same display name as Blast’s legitimate Twitter (aka X) account, several accounts beckoned users to visit fake websites hastily, while bearing “Gold checkmarks” that were introduced under the platform’s current owner, Elon Musk.
Ethereum layer-2 network Blast’s hotly anticipated airdrop finally went live on Wednesday morning, gifting users hundreds of millions of dollars worth of free tokens.
But within minutes, many airdrop claimants immediately began selling off their BLAST bags, pushing the token’s price down and leading many to express disappointment in the token giveaway that many apparently assumed would be multitudes larger in scale.
BLAST’s token debuted at a price of roughly $0.025 this morning, putting the 1...
“THE MOMENT YOU ALL HAVE BEEN WAITING FOR,” a now-deleted account called studio_tribu wrote, which is unaffiliated. “The $BLAST Allocation Checker is now LIVE!”
Scammy links on Crypto Twitter are nothing new, but Wednesday's flood of fake posts underscores the platform’s ongoing challenges in thwarting bad actors. At least a dozen accounts emulated Blast while boasting a gold checkmark, given out to affiliates of verified organizations, all churning out fake posts.
A screenshot of a Blast airdrop scam post (URL obscured). Image: Decrypt
For example, Twitter’s website states that each applicant looking to become a verified organization is reviewed. Yet an account called Blast_L2_now__ had attained verification, simply adding “_now__” onto Blast’s actual Twitter username in an attempt to get users to click a scam link and connect their wallets.
One victim lost $217,000 worth of crypto after visiting a phishing website that mimicked Blast, according to the cybersecurity firm Scam Sniffer. The user had unwittingly signed multiple phishing signatures at once, Scam Sniffer wrote.
🚨 Beware of fake Blast phishing websites! 🕵️♂️ 10 minutes ago, a victim lost $217,947 due to signing multiple phishing signatures. 💸🔗 pic.twitter.com/GSJfjLSNht
— Scam Sniffer | Web3 Anti-Scam (@realScamSniffer) June 26, 2024
Within Blast’s official Discord community, a scam link was also shared, according to neried, one of the project’s pseudonymous core contributors. “Don’t click that,” the account warned another Discord member, who had remarked, “Saying invalid link.”
Verified organizations pay at least $200 a month for perks that include priority support and a distinguished look within Twitter. According to the platform’s website, that service also includes monitoring accounts for defense against impersonation. Verified organizations can offer affiliated badges and gold checkmarks to employees or advocates, but that also apparently opens the door to potential misuse.
Gawd damn the amount of scam links under the Blast airdrop post.
Anyone know how to get to the claim page from the official site?
Blast’s legitimate Twitter has employed a common defense against impersonation that many crypto projects use. When stringing posts together, it warns users that “this is the final tweet in this thread” at the end, while warning users to watch for impersonators.
Even so, the kind of FOMO that fuels many crypto industry traders still manages to lure some users to jump on illicit links without doing due diligence, often paying a hefty cost in the process.
Android users beware: A newly discovered piece of malware is targeting smartphone crypto wallets.
Uncovered by fraud prevention firm ThreatFabric, the “Crocodilus” mobile banking trojan employs tools including remote control, black screen overlays, and advanced data harvesting through accessibility logging to trick crypto holders into handing over their wallet seed phrase.
The malware “is masquerading as crypto-related apps and involves specific social engineering techniques to make victims reve...
A 7.7 magnitude earthquake struck near Mandalay, Myanmar, last Friday, leaving the immediate area devastated with at least 2,000 people dead and over 3,400 injured, with the number expected to rise as data from neighboring countries such as Thailand comes in.
The 10-kilometer deep quake released energy comparable to hundreds of nuclear explosions, according to data from the U.S. Geological Survey. It was the most powerful earthquake to have hit Myanmar since 1912 and so far is the second deadlie...
Terraform Labs has opened an online portal for investors to submit compensation claims for financial losses stemming from the May 2022 de-pegging of TerraUSD.
Managed by administrators at New York-based Kroll, the portal will open on Monday, March 31 and close on April 30, giving loss-making investors a month to file claims.
Applicants will have to submit evidence supporting their filings, including wallet addresses in which Terra-based cryptocurrencies were held, as well as transaction logs for...