Business intelligence firm MicroStrategy’s X account has been hacked, posting malicious links to a fake airdrop of a so-called "official" Ethereum-based MSTR token.

MicroStrategy's account began posting malicious links on Feb. 25. Source: X

A user clicking on the link is directed to a copycat MicroStrategy webpage which directs them to connect a wallet and claim the fake $MSTR airdrop. Once users accept a series of permissions in their Web3 wallet, it is understood the attackers can automatically drain the tokens out of the user’s wallet. 

According to independent blockchain sleuth ZachXBT and anti-scam platform Scam Sniffer, losses incurred from the scam have already tallied over $440,000.

0xe7645b8672b28a17dd0d650a5bf89539c9aa28da

~$440K stolen from the compromise so far

— ZachXBT (@zachxbt) February 26, 2024

Scam Sniffer said just one user had lost over $420,000 to the phishing scam at approximately 12:43 am UTC, only several minutes after the first malicious link was posted to MicroStrategy's account on X. 

someone lost $424,786 worth of $wBAI , $wPOKT , and $CHEX to phishing scams about 5 minutes ago. pic.twitter.com/GEJvHEXuM7

— Scam Sniffer | Web3 Anti-Scam (@realScamSniffer) February 26, 2024

The unknown user lost a total of $424,786 worth of altcoins, with one transfer going to the MicroStrategy attacker and two being automatically re-routed to a second wallet associated with the notorious hacking group PinkDrainer . 

Related:  ZachXBT recovers majority of $177K stolen NFT proceeds after 9-month probe

The unknown victim signed for a transaction that saw a total of $134,000 worth of wBAI, $122,000 worth of CHEX and $45,000 worth of wPOKT sent to the attacker’s wallet address. 

As of the time of publication, the MicroStrategy attacker's wallet address holds a total of $329,000 worth of Ethereum-based tokens, per Ethereum DeBank.

The MicroStrategy attacker's wallet holds a total of $329,000 in stolen funds. Source: DeBank

Crypto industry pundits were quick to point out the somewhat obvious nature of the scam, with the pseudonymous British crypto investor Cobie noting that MicroStrategy, a firm exclusively focused on Bitcoin, most likely wouldn't launch a token on Ethereum.

"Obviously trying not to be victim blaming here but you gotta be very special to think MicroStrategy is launching an ETH token after Saylor has spent multiple years very famously saying 'there is no second best' and 'you only use one chair' etc."

NFT Collector, DCinvestor: Is this the best NFT collection in the world?

Update (Feb. 26, 2:43 am UTC): This article has been updated to include further details surrounding the MicroStrategy attacker.