Caution: Elon Musk's X Plagued By Crypto Scammers Exploiting Replies For Fake Giveaways

Elon Musk's X, formerly Twitter, has a seemingly never-ending cryptocurrency spam problem. Now, one of the modes being used by these cryptocurrency scammers has been revealed.

What Happened: Cryptocurrency scammers are abusing a loophole in the way X surfaces posts by decoding links that users click on, according to a report by Bleeping Computer.

See Also: Want To Generate Your Own AI Music? Microsoft Copilot’s Suno Extension Lets You Do It For Free

Essentially, these scammers are trying to impersonate high-profile, verified accounts with a simple trick – they are manipulating the URLs to masquerade them as links to posts by legitimate accounts.

A standard Twitter URL looks like this – https://twitter.com/[username]/status/[status_id]

Alternatively, the Twitter domain could be directed to X.com instead.

The problem in this case is X only uses the "status_id" string to identify the post being referenced instead of authenticating it using the account holder's username as well.

Cryptocurrency scammers are exploiting this loophole by directing users to their posts. However, instead of mentioning their own username, they manipulate the URL by mentioning a reputed account's username.

For example, sample these posts sent to @BenzingaTech:

These replies suggest that the posts they are linking to were sent by @chainlink, but that is actually not the case.

Why It Matters: These cryptocurrency scammers abuse a loophole in X's code to direct unsuspecting users to "crypto drainers". These crypto drainers are essentially websites that connect to users’ cryptocurrency wallets and drain them.

This has been a problem with X for several years, but the abuse of cryptocurrency scammers has become more prominent in the past few months.

Check out more of Benzinga's Consumer Tech coverage by following this link.

Read Next: Ransomware Group Exposes Insomniac Games' Large Data Cache, Unveiling Unreleased Wolverine Game