Hackers gained access to the New York Post’s official X account and used it to send direct messages attempting to scam crypto users. Users began reporting the suspicious activity early in the day.
The private messages were designed to appear as invitations for users to feature in a podcast. The message text proposed both in-person and virtual collaboration options.
Instead of posting public messages on the feed, the malicious actors sent direct messages to select users. This method appeared intended to target individuals privately rather than broadcast broadly.
Following the initial contact, recipients were directed to communicate via Telegram. This move shifted the conversation to a platform outside of X.
Reports indicate the scam progressed to an invitation for an online meeting, potentially a Zoom call. During such calls, users might be prompted to enable audio over Wi-Fi or data.
This enabling step could allow the hacker to gain unauthorized access to the user's computer. With remote control, the goal is often to locate and steal cryptocurrency holdings.
Kerberus founder and CEO Alex Katz was among the first to identify and flag the fraudulent messages originating from the New York Post account.
Blockchain sleuth ZachXBT also alerted their community to be cautious of the unsolicited contact.
Donny Clutterbuck, associated with NFT Bitcoin's ordinals platform Fomojis, also reported receiving messages. He suggested the potential for a Zoom exploit via audio prompts.
After sending the initial scam message, the recipient was reportedly blocked from replying to the New York Post account. This tactic prevents the user from notifying the organization directly about the compromise and avoids revealing the hack to the account managers immediately.
This incident is not the first time the New York Post's social media presence has faced security issues. The account experienced a 2022 incident where obscene messages were posted.