The Chief Technology Officer of OpenAI, Mira Murati, seemingly fell prey to a malicious hacking incident on Thursday evening.
With a remarkable tenure of over five years at OpenAI, contributing extensively to the development of advanced AI software, Murati encountered an unforeseen setback as her Twitter account slipped out of her control.
At approximately 6:03 p.m. Pacific Time, as indicated by tweet timestamps, her compromised account became a vessel for endorsing a suspicious cryptocurrency venture known as “$OPENAI.”
A strange series of events unfolded when unauthorized tweets emerged on Murati’s Twitter account, urging her unsuspecting followers to deposit funds into an Ethereum digital wallet address.
The scheme promised free “airdropped” coins as part of an enticing new initial coin offering. Surprisingly, these deceitful tweets were swiftly removed, only to resurface moments later with slight modifications to their wording.
Surpassing a distressing span of 45 minutes, the tweets continued to tamper with Murati’s account, causing a great deal of concern.
However, it is crucial to note that Murati’s account has since been restored to its original state, with the incriminating tweets removed, ultimately preserving the integrity of her online presence.
Are Twitter’s Changed Security Measures to Blame?
Twitter implemented modifications to its two-factor authentication policies, and unfortunately, Mira Murati’s account appears to have fallen victim to hacking amidst this altered security landscape.
These policy adjustments specifically eliminated the availability of SMS text messaging as a safeguarding option, except for users subscribed to the premium Twitter Blue service.
This development has not gone unnoticed by security professionals, who caution that such changes might potentially expose high-profile accounts to increased vulnerability and susceptibility to unauthorized takeovers.
As scrutiny grows, the implications of this incident highlight the need for continued vigilance in maintaining online security measures.
Notably, Murati’s Twitter profile proudly displays the coveted blue checkmark, a symbol denoting her subscription to Twitter Blue and the implied retention of SMS two-factor authentication privileges.
After examining the website shared in the tweet, people noticed that the site appears to be an intricate imitation, skillfully replicating the layout and design elements of an authentic project known as ChainGPT.
This imitation bears an uncanny resemblance to its genuine counterpart, with only subtle modifications, notably the inclusion of a prompt that urges visitors to connect a crypto wallet.
The level of sophistication demonstrated by this deceptive website raises concerns regarding its intentions and underscores the importance of vigilant scrutiny when engaging with online platforms of a financial nature.
A Cunning Scheme
According to a reputable security researcher hailing from Beosin, a prominent blockchain security firm, the deceptive website in question deploys a crypto wallet-draining kit that entices visitors into unknowingly signing requests.
Once the visitor’s request is signed, the attacker seizes the opportunity to transfer NFTs and ERC-20 tokens from the victim’s wallet, resulting in a distressing loss of assets.
This revelation sheds light on the devious strategies employed by cybercriminals, emphasizing the critical need for heightened caution when interacting with unfamiliar online platforms.
The insights provided by Beosin’s researcher sheds light on the urgent importance of comprehensive security measures to safeguard against such malicious activities.
Not an Isolated Incident
The timing of the crypto scammers’ decision to exploit Murati’s Twitter account for promoting their fraudulent scheme is quite strange.
The incident occurred amidst the widespread buzz surrounding OpenAI’s ChatGPT platform, which has captivated audiences worldwide with its remarkable generative AI capabilities.
Similar crypto-related hacking incidents have been witnessed previously. In March, the Twitter account of a prominent news channel from India was compromised, leading to the promotion of a bogus crypto airdrop.
Incidents like these serve as stark reminders of the persistent threat posed by crypto scammers targeting high-profile accounts on social media platforms.