After the death of Duo, Duolingo’s beloved mascot, cybercriminals capitalized on the event to scam unsuspecting victims.
Following Duolingo’s announcement that a Cybertruck had supposedly killed its mascot, cybercriminals leveraged the hype to push fake cryptocurrency and other scams.
an important message from Duolingo pic.twitter.com/jTTT680yVs
undefined Duolingo (@duolingo) February 11, 2025
BforeAI, a cybersecurity company that uses artificial intelligence to predict and prevent cyber threats, found that the bad actors were mainly using the event to promote crypto scams.
On the day of the announcement, BforeAI’s research team found a rebranded social media account on X from 2016, which was being used to push a cryptocurrency that doesn’t exist.
This fake crypto coin also had an accompanying website called “Justice for Duo,” which researchers called a “sympathetic strategy to push for more financial investments.”
Another crypto token called “Duo Everywhere” popped up along with an accompanying “Duo Lives” website.
Two other crypto-themed websites appeared with the same name, “Duolingo,” but they had yet to go live.
Cybercriminals even created a new mascot called “Baby Duolingo” to lure victims into investing and promote a pump-and-dump crypto scheme.
Researchers identified another fake Duolingo mascot, “Hooty,” which was created by cybercriminals to promote a new crypto coin.
While it wasn’t directly related to the Duolingo brand, BforeAI believes that it was likely connected, considering that the mascot was also an owl and appeared similar to Duo.
Researchers found another two domains three days after the announcement that were under construction and not in operation. This could mean that cybercriminals are potentially using these domains to conduct cyberattacks.
One of the websites, “Duo Lives,” offered users a Google Chrome extension that would “bring your favorite language-learning companion to every corner of the web.”
However, this Chrome extension raises security concerns as the safety of the extension is unknown and could even contain malicious code that can be used to steal users' data.
There was also a fake apparel store that mimicked Duolingo’s brand. The store supposedly sold plush toys and other accessories.
However, the website didn’t exist, which is likely just another scam where orders for products would be placed but would never be delivered.
Your email address will not be published. Required fields are markedmarked