The largest cyberattack this week occurred on Monday evening when the legitimate OpenAI X account, @OpenAINewsroom was hacked. The hackers managed to deceive approximately 54,000 followers with a phishing message proclaiming the recently launched cryptocurrency token, $OPENAI.
The fake post declares that users of OpenAI can stake their claim of a share of the initial supply and turn the token into "the bridge for AI and blockchain."
A tweet falsely claimed, "All OpenAI users are eligible to claim a share of the initial $OPENAI supply. Holding $OPENAI will give you access to all of our future beta programs." The link took users to a fraudulent website.
So far, OpenAI has been mum on the measures it is taking over the issues that had raised questions over this hack. Just before the hacks occurred there was a company memorandum warning staff over a series of hacks that had taken place resulting from account takeover hacks targeting staff which therefore sharpened security measures.
This is the latest scam in a line of many using the social media accounts of OpenAI. Yesterday, the researcher Jason Wei's account was used to launch the fake $OpenAI token. Weeks ago, even senior company figures such as Chief Scientist Jakub Pachocki and Chief Technology Officer Mira Murati's accounts were hacked.
According to an FBI report, losses from crypto scams grew 45% last year. Crypto scams in August were up to US$310 million, becoming the second-highest monthly loss in 2024.
According to a report by blockchain security firm CertiK, only US$10.3 million was recovered from these scams, and the net loss came out to be a whopping US$300.6 million. Among the largest hacks to date of 2024 was the Indian crypto exchange hack of WazirX. WazirX hack losses go above US$230 million affecting many Indian crypto investors’ faith in the exchange. Read more
Such an incident raises various questions about the safety of the accounts on OpenAI. The company issued advice to the users. The company said that the users while engaging with a tweet must remain alert for phishing and check the accounts for anything suspicious in nature.