Malware, Threat Intelligence, Phishing

Crypto drainers spread via hijacked Netgear, Hyundai X accounts

BleepingComputer reports that the official X (formerly Twitter) accounts of Netgear and Hyundai Middle East & Africa were compromised and used to distribute cryptocurrency wallet drainer malware. Threat actors who took over Netgear's X account on Jan. 6 have used it to reply to tweets from BRCapp, with the replies seeking to lure followers to a site that purports to offer $100,000 to the first thousand users who connect their cryptocurrency wallets but instead exfiltrates all of the victims' stored NFTs and other assets. Attackers who hijacked Hyundai MEA's account made similar cash offers while spoofing the cross-platform multiplayer role-playing game Overworld. Hyundai MEA has already removed the crypto drainer lures, but Netgear has yet to recover its account. The incidents follow a growing number of compromises of verified X accounts belonging to businesses and governments to spread cryptocurrency scams, with Mandiant, CertiK, and Bloomberg Crypto among the most recent victims.
