Immutable

DeFi

Base

Immutable AI Labs appears to have been compromised as it was spotted sharing a risky link for its IMMU token airdrop. Web3 security researchers found other instances of compromised social media profiles recently.&nbsp; 
Immutable AI Labs had its social media profile compromised, as discovered by Web3 Antivirus. The inquisition came after Immutable AI’s X account was found spreading a fake link for users to check their eligibility ahead of its new IMMU token airdrop.&nbsp; 
The risk is still present, as the Immutable AI X account is still not frozen or suspended. The malicious link was still active hours after the initial posting. The fake link uses a spoof ImmutableAI website, with only a slight difference to the real eligibility checker. The hijacked account has also been spreading the phishing link through replies. 
Address checkers do not flag the spoof site as risky, and the Web3 Antivirus tool only flags the risk when trying to connect a wallet. 
<figure id="attachment_619086" aria-describedby="caption-attachment-619086" style="width: 100%" class="wp-caption alignnone">
 <img loading="lazy" decoding="async" class="wp-image-619086 size-full" src="https://www.cryptopolitan.com/wp-content/uploads/2024/11/FakeAddressNovember272024.png" alt="Fake address for Immutable AI Labs, offering a spoof link to connect a wallet. " width="730" height="174" srcset="https://www.cryptopolitan.com/wp-content/uploads/2024/11/FakeAddressNovember272024.png 730w, https://www.cryptopolitan.com/wp-content/uploads/2024/11/FakeAddressNovember272024-300x72.png 300w" sizes="(max-width: 730px) 100vw, 730px">
 <figcaption id="caption-attachment-619086" class="wp-caption-text">
 Fake address for Immutable AI Labs, offering a spoof link to connect a wallet.
 </figcaption>
</figure> 
Hijacked social media accounts are one of the main methods of distributing fake token addresses and phishing links. This time, the mixup also included a fully spoofed website. The Web3 Antivirus service marks the address as risky, containing a wallet drainer and a spoofed Ethereum address that looks legitimate.&nbsp; 
<h3 id="span-style-font-weight-400-immutable-ai-labs-hijackers-advertising-fake-immu-token-span">Immutable AI Labs hijackers advertising fake IMMU token </h3> 
For Immutable AI Labs, the IMMU token is not mentioned anywhere else on social media, with no detailed conditions on the airdrop. Immutable AI has nothing to do with ImmutableX, which is a separate project that claims to secure AI training models on the blockchain.&nbsp; 
Social media attacks spoofed users of up to $3.5M in the past few months, according to blockchain tracking by <a href="https://x.com/zachxbt/status/1861450263925559399" rel="nofollow" target="_blank">ZachXBT</a>. The accounts attacked were mostly crypto insiders, though they also included the social media handle of McDonald’s.&nbsp; 
Stolen X accounts may be especially tricky, as there have been cases where the hacker regains control of the app even after <a href="https://x.com/realScamSniffer/status/1861207674165305431" rel="nofollow" target="_blank">recovery</a>. Sometimes, a hacker may set up a passkey on a mobile app, which is usually sufficient to re-enter the account and send out messages. 
The exploit hinged on the passkey creation, which is not immediately visible to the true account owner. For Web3 and other projects, account recoveries must take into account the potential for access through a passkey, which must be revoked.&nbsp;&nbsp; 
As tokens gain value and activity increases, phishing links now have more opportunities to hide in various forms. DeFi activity, token sales, NFT mints, or other Web3 activities are all viable options for creating wallet drainers, fake tokens, or Pump.fun rug pulls.&nbsp; 
<h3 id="span-style-font-weight-400-aerodrome-dex-also-impersonated-through-malicious-google-ads-span">Aerodrome DEX also impersonated through malicious Google ads</h3> 
In cases where hackers cannot take control of a social media account, fake advertisements on Google searches are still a common tool for spreading spoofed links.&nbsp;One recent attack involved the <a href="https://www-cryptopolitan-com.webpkgcache.com/doc/-/s/www.cryptopolitan.com/defi-llama-warns-against-malicious-link-spoofing-its-service/">DeFi Llama</a> trading service. 
The best approach to avoid these traps is to bookmark the legitimate links for most DEX and DeFi services instead of relying on a Google search every time. Some links may need to be double-checked or, as a last resort, tested with a wallet that does not contain significant reserves. 
<blockquote class="twitter-tweet" data-width="550" data-dnt="true"> 
 🚨 Security Alert: We've detected phishing ads impersonating Aerodrome on Google! These scam ads could steal your assets if you connect wallet &amp; sign transactions. 
 🛡️ Safety Tips: • Skip Google Ads results • Bookmark trusted sites • Never rush into signing transactions <a href="https://t.co/OkCg3uK4Zy" rel="nofollow" target="_blank">pic.twitter.com/OkCg3uK4Zy</a> 
 — Scam Sniffer | Web3 Anti-Scam (@realScamSniffer) <a href="https://twitter.com/realScamSniffer/status/1861720377887723563?ref_src=twsrc%5Etfw" rel="nofollow noopener" target="_blank">November 27, 2024</a>
</blockquote> 
<script async src="https://platform.twitter.com/widgets.js" charset="utf-8"></script> 
The popularity of the Base blockchain and its ability to reach valuable assets made hackers post a fake ad for Aerodrome, one of its most active DEXs.&nbsp; 
This time, the sponsored content was removed almost immediately. The attack against Base shows the chain has established itself as one of the main stores of value. Until recently, scam tracking services noted more than 95% of exploits targeted Ethereum. Base, as a Layer 2, still carries valuable assets, including USDC tokens.&nbsp; 
Solana wallet exploits are even riskier since the signed permission cannot be revoked. Once a drainer controls the wallet with a signed permission, that address is forever tainted and not safe to store any assets, even if the user controls their private keys.&nbsp; 
Scam links often drain small-scale wallets. However, some of the biggest exploits have reached more than <a href="https://dune.com/scam-sniffer/september-scam-sniffer-2024-phishing-report" rel="nofollow noopener" target="_blank">$32M</a>. Pink Drainer, the most common wallet draining tool, has so far accrued more than <a href="https://dune.com/scamsniffer/pinkdrainer-stats" rel="nofollow noopener" target="_blank">$8B</a> in multi-chain assets, with 22,161 victims. Targeted wallet draining for large sums is usually the more efficient option, but general spoof links still attempt to drain the wallets of retail users. 
<a href="https://www.cryptopolitan.com/crypto-career-launchpad-waitlist/?utm_source=cryptopolitan&amp;utm_medium=banner&amp;utm_campaign=ccl-waitlist-1" target="_blank">A Step-By-Step System</a> To Launching Your Web3 Career and Landing High-Paying Crypto Jobs in 90 Days.

Immutable AI Labs social media compromised, spreads phishing links

Table of Contents

Cryptopolitan_News

Other articles published on Nov 27, 2024

Ripple Labs Critiques SEC’s Enforcement Actions

Dogecoin Spearheads Cryptocurrency Innovation with Groundbreaking ETP Launch

How BTFD Coin, Mog Coin and Popcat Earn the Title of Best Meme Coins to Buy Now

Analyst Now Believes Shiba Inu Is Poised For Another Surge

Musk sounds alarm on US debt, gets reminded of $8 trillion from Trump era

Giant Company Dogecoin (DOGE) Announced Its Decision! "It Will Be a First!"

Join our free newsletter for daily crypto updates!