Popular Rapper's X Profile Hacked to Promote Crypto Phishing Site

American rapper Nelly has seen his X (formerly Twitter) account hacked and used to carry out social engineering attacks to lure unsuspecting individuals to a crypto phishing site.

In a recent message on Telegram, on-chain investigator ZachXBT noted that the hacker even modified Nelly's profile to falsely present themselves as a security analyst for Scam Sniffer, a reputable web-based security solution. 

"On-chain security analyst. Helping you catch scammers @realscamsniffer," the bio of the compromised account read.

However, the account has since been removed or deleted, with a message stating that it no longer exists.

Nelly, whose real name is Cornell Iral Haynes Jr., is a well-known rapper with a successful career marked by eight studio albums and numerous accolades, including three Grammy Awards and nine Billboard Music Awards.

ZachXBT also shared two messages sent by the scammer to unsuspecting individuals, attempting to deceive them by claiming to investigate compromises in wallet approvals on the recipients' addresses. 

The tactic is aimed at tricking users into signing malicious transactions and ultimately stealing their funds.

Scam Sniffer, the legitimate security solution, confirmed ZachXBT's findings on X and warned users about the compromised account impersonating their team. 

"@NellioETH is compromised and pretending to be a member of ScamSniffer. They are trying to message people in an attempt to social engineer them into using a phishing site," Scam Sniffer stated on X. 

"Please always make sure you are visiting scamsniffer.io."

Crypto Continues to Suffer From Hacks

The crypto space has been plagued by a series of hacks and scams since the start of the year, particularly in the third quarter of 2023. 

According to a report by blockchain security platform Immunefi, there were 76 hacks on crypto and Web3 projects and firms in Q3 2023, a significant increase compared to the 30 hacks reported in the same period in 2022.

In total, approximately $332 million has been lost to various exploits, hacks, and scams throughout September, marking a record-high month for crypto exploits. 

One notable event was the Mixin Network attack on September 23. The Hong Kong-based decentralized cross-chain transfer protocol suffered a substantial breach, resulting in a loss of $200 million due to a breach of its cloud service provider.

Another major incident occurred on September 12, when CoinEx, a cryptocurrency exchange, experienced a suspected attack following a substantial outflow from four of its hot wallets. This breach led to losses exceeding $53.1 million across the hot wallets.

More recently, Stars Arena, a social platform supported by Avalanche's Contract Chain, has fallen victim to a significant security breach.

Meanwhile, crypto exchange HTX, which experienced a security breach in late September that resulted in the loss of $8 million worth of crypto assets, has managed to recover the stolen funds.