Bloomberg Twitter account hijacked to send users to phishing malware

You can’t spell “crypto” without “cry”, which is something Bloomberg learned well after its official crypto Twitter account was hijacked and used to launch phishing attacks against its users.

The attackers somehow managed to gain access to the Bloomberg Crypto Twitter account and updated it by adding a link to the @BloombergNewsCrypto Telegram channel. 

While this channel was a legitimate Bloomberg Crypto channel at one point, it was abandoned last summer for the @BloombergCrypto channel. Unfortunately, it was left active (with some 14,000 members, apparently), which the hackers used to gain even more legitimacy among the victims.

Reader Offer: $50 Amazon gift card with demo
Perimeter 81's Malware Protection intercepts threats at the delivery stage to prevent known malware, polymorphic attacks, zero-day exploits, and more. Let your people use the web freely without risking data and network security.

Preferred partner (What does this mean?) 

Stealing login data

From there, the attackers redirected users to a Discord channel (Discord is a widely popular platform in the crypto community) in an attempt to steal their Discord tokens:

"If you are interested, please head over to, our official and only discord server for more information on how to start an application: https://discord[.]gg/bloomberg," the scammers said on Telegram. This Discord channel had almost 34,000 users at press time. "Join the Bloomberg Crypto Discord Server! Check out the Bloomberg Crypto community on Discord - hang out with 33975 other members and enjoy free voice and text chat."

Users looking to join would be prompted to use something resembling AltDentifier, an authentic Discord Verification Bot. Instead of the legitimate link (https://altdentifier.com/) users would get redirected to altdentifiers[.]com, where they would be asked to verify with Discord, a process that essentially steals their login data. 

Victims have 30 minutes to complete the process.

"The server administrators have implemented additional security measures on this server, which include the requirement for all accounts to verify their Discord account," the phishing site says."Once your account is successfully verified, you will be able to freely participate in the server. Please note that administrators have the authority to override the system if necessary."

The scam was first spotted by crypto fraud investigator ZachXBT, with Bloomberg putting a stop to the scheme less than an hour after ZachXBT sounded the alarm.

Via BleepingComputer

More from TechRadar Pro

• New Discord malware targets NFT and crypto fans
• Here's a list of the best firewalls today
• These are the best endpoint security tools right now