CloudSEK’s latest research uncovers a troubling trend indicating a surge in compromised Twitter account sales with the coveted “Gold” verification badge on dark web marketplaces and forums. These accounts, targeted by threat actors, pose a huge risk for organizations and individuals alike, as they can be used to spread disinformation, launch phishing attacks, and steal sensitive information.
Twitter Gold, a recently introduced paid feature, grants account a gold badge alongside the blue and grey tick, signifying legitimacy and brand recognition. However, the ease of obtaining Twitter Gold has attracted malicious actors who are purchasing and compromising accounts to further their nefarious activities.
CloudSEK’s Investigation Reveals:
- Dark web marketplaces are flooded with advertisements selling Twitter Gold accounts. Prices range from $35 for a basic account to $2,000 for accounts with large followings.
- Threat actors are using various methods to acquire these accounts, including brute-forcing passwords and stealing credentials through information stealer malware.
- Compromised accounts are then used to spread phishing links, promote scams, and impersonate legitimate organizations
The Dangers of Twitter Gold Scams:
Phishing attacks: Hackers can use Twitter Gold accounts to send seemingly legitimate tweets containing malicious links that steal personal information, such as login credentials and credit card numbers.
Disinformation campaigns: Malicious actors can spread false information and propaganda through Twitter Gold accounts, potentially impacting public opinion and causing reputational damage.
Financial scams: Hackers can use these accounts to promote fake investment opportunities, cryptocurrency scams, and other financial frauds.
Recommendations for Organizations and Individuals:
Organizations: Regularly monitor brand mentions on Twitter and implement strong password policies to protect against account compromise.
Individuals: Be wary of tweets from unknown accounts, especially those with the Gold badge. Do not click on suspicious links or engage with accounts that seem too good to be true.