Hijacked YouTube channels pushing crypto scams using Trump assassination narrative


Fraudsters have been quick to capitalize on the assassination attempt on former president Donald Trump by luring victims and offering them “double” crypto deposits on YouTube.

Bitdefender Labs researchers found a new crypto-doubling scheme running on dozens of hacked YouTube channels. In this scheme, scammers are leveraging the attack against Trump to lure new victims.

Since July 16th, these channels have been rolling fake streams of Elon Musk, claiming that he’ll share hidden insights into the incident.

ADVERTISEMENT

Deepfake Musk crypto “giveaways” are nothing new on YouTube. Recently, a new fake video stream resurfaced, with cybercriminals streaming the deep fake production on a loop.

However, this time, cybercriminals adjusted the stream descriptions to include the #Trump hashtag, and also additional insights into Musk’s alleged political affiliation and support.

Some channels have more than a million subscribers. However, after being hijacked, they were renamed, and the original content was removed. Some carried the names “Tesla” or “Donald Trump Jr.”

“The potential reach of the scam is very troubling since one of the hijacked channels that began promoting the scams has 1.26 million subscribers. Other instances show a subscriber count of over 700,000 and in the lower ranges of 100,000,” researchers noted.

The provided screenshots reveal that one of the fake streams had 61,000 viewers, and another added 20,000 viewers at the same time. The view counts were probably boosted by bots.

“Elon Musk plans to provide about $45 million a month to a new political committee supporting former US leader Donald Trump as part of the presidential campaign #Tesla #Musk #Trump,” Bitdefender shared one of the descriptions.

fake-description

Scanning the provided QR codes is dangerous, as they lead to fraudulent websites impersonating Tesla or other brands. These websites advertise fake crypto giveaways, where participants are lured into sending a desired amount of cryptocurrency, which will then be “doubled” and sent back.

ADVERTISEMENT

Scammers have created at least five malicious domains for the campaign: musktrump[.]org, tesla-elon[.]gives, elomusk[.]finance, muskrise[.]io and taketesla[.]org.

Users are advised to be wary of videos and links with clickbait titles associated with Tesla, Trump, or any celebrity and event, not to scan QR codes in “too good to be true” offers, and to report suspicious activities.