OpenAI’s press account hacked to promote phishing scam with OPENAI token

Cryptocurrency scammers have hijacked OpenAI’s press account to post phishing links targeting OpenAI users.

Although the posts have now been deleted, crypto scammers managed to promote a suspicious phishing link by taking over OpenAI’s official press account on X on September 23. The ChatGPT developer has yet to acknowledge the breach.

Someone gained access to the official OpenAI Newsroom X account.

This is the fourth OpenAI X account to be compromised in the last 15 months. pic.twitter.com/PxFOtPFNFB

— Smoke-away (@SmokeAwayyy) September 23, 2024

Those behind the attack have introduced a token called “OPENAI” that they claim will bridge the gap between blockchain and artificial intelligence.

The posts falsely promised that users would be able to claim a portion of the token supply, gain access to the platform’s future beta programs, and were encouraged to click on a phishing link that led to a flagged website.

To create an air of legitimacy and prevent eagle-eyed users from warning others about the attack, the attackers disabled comments on the malicious posts and added the following message: “Comments are closed due to malicious links. Good luck everyone!”

A user on X claimed that the fake website was designed to mimic the OpenAI brand and appeared legitimate at first glance. However, when clicking on the OpenAI logo, visitors were prompted to connect their wallets.

Fake OpenAI website asking users to connect their crypto wallets. | Source: X

When users connect their wallets to a malicious platform like this, they are tricked into signing a fraudulent transaction. This transaction often appears legitimate but actually gives the attacker control over the user’s assets and allows them to drain any funds stored in the compromised wallet.

These attacks, known as ‘confirmation phishing’, have caused over $2.7 billion in losses since 2021, according to Chainalysis.

Unfortunately, similar attacks have targeted OpenAI executives many times before.

Most recently, OpenAI researcher Jason Wei’s account was hacked to promote the same phishing scheme that attackers used to target OpenAI’s Chief Scientist Jakub Pachocki. Last year, OpenAI CTO Mira Murati also faced a similar breach in June 2023.

Virtual reality-focused project Decentraland suffered the same fate last week, Crypto.news reported, with scammers promoting a fake airdrop of the native token to trick users into connecting their wallets and confirming a malicious transaction.

Although all of the attacks in question are similar, it is not known whether the same group of attackers are behind them.