A professional golf long driver appears to have had has his Twitter account hacked to spread the latest Elon Musk bitcoin scam.
A scammer took control of Callaway Golf long driver Will Hogue’s verified Twitter account and changed the name and profile picture to match that of Tesla CEO Elon Musk.
Replying to a tweet by the real Elon Musk, in which he declared his love for ramen, the scammer offered a surprise to those that visited the site spacex.gift.
The page copies the appearance of online publishing platform Medium and offers a link where it claims users can get free Bitcoin and another to free Ethereum.
Visitors are asked to “verify” their address by sending cryptocurrency to a Bitcoin or Ethereum wallet. The scammer promises to send back ten times that amount.
As if the warning bells were not already enough, it promises a customised Tesla 3 to those sending 6 BTC or 40 ETH, complete with free delivery.
Verdict looked at the transactions going into the Ethereum account and the Bitcoin account. Fortunately, only a handful of people fell for the scam with amounts of around $30.
Elon Musk Bitcoin scammer is probably a copycat
Elon Musk Bitcoin scams have been popping up on Twitter since February this year. In November, scammers took control of the Twitter accounts of Pathe Films, Pantheon Books and Matalan promoting a similar scam, making off with tens of thousands of dollars.
However, this scam has all the hallmarks of a copycat. Verdict inspected spacex.gift’s site code and it appears that the scammer created a page on Medium with a post by a profile named @eIolmmusk. The scammer then lifted the site code before it was suspended and reused it on spacex.gift with a canonical URL to give it an air of credibility.
The Elon Musk Bitcoin scammer also imitated real Medium users with links to their real profiles and attributed fake comments promoting the scam.
According to website directory WhoIs, spacex.gift was registered on the 6/11/18 and spacex.gives a day later. Both are registered in Panama but all personal information is redacted.
SpaceX.gives, the domain offering details of the scammer’s BTC and ETH wallets, gives the illusion of people sending Bitcoin to the account every few minutes. But an inspection of the site’s code shows the table is made up of hard-coded fictional data built to run on a loop.
Notably, this scam did not target a Twitter account with a large number of followers. Previous scams have also filled the compromised account with SpaceX or Tesla tweets to further convince users checking the profile. This one did not.
Verdict compared the Bitcoin wallet address from the previous Pathe films/Musk scam and found that they were two different wallets. This lends more weight to the copycat profile, but doesn’t rule out the original scammer/scammers having multiple crypto wallets.
The code for the .gives site also appears to have been created for use on May 25, suggesting that someone has copied and re-uploaded it.
All of these factors suggest a relatively low level of technical skill and indicate a copycat.