Following Ross Ulbricht’s recent release from a federal penitentiary, a wave of excitement and support prompted immediate fundraising efforts across various platforms. However, the philanthropic atmosphere was quickly marred by malicious actors seeking to exploit the situation. These cybercriminals launched phishing attacks targeting unsuspecting social media users, using the Silk Road founder’s name as bait.
An example of such manipulation was observed on X, where an account shared a link claiming to be an ‘official’ Telegram channel for updates on Ulbricht. The fraudulent post garnered 317 likes before it was eventually removed from the platform.
The cybersecurity education website VX-Underground flagged the message as malicious. In a warning to its Telegram channel members, VX-Underground stated, “Ross Ulbricht’s X account is being spammed. When you try to view the ‘official’ Ross Ulbricht Telegram channel it asks to verify your identity, and it gives free malware!”
In an elaborate ruse, the scammers used a Telegram mini app to generate a fake verification screen. Unsuspecting victims, in an attempt to verify their identity, were tricked into executing malicious code on their devices.
Cybersecurity experts have warned about the growing trend of cybercriminals using celebrity names to lure and exploit victims. This manipulation is primarily based on the trust and curiosity that well-known figures evoke among the public. For instance, last week, a woman in France was scammed out of $850,000 by criminals using AI-generated images of Brad Pitt.
John Price, CEO of cybersecurity firm SubRosa, shed further light on this issue. “Celebrity-themed malware is a prime example of social engineering at its most effective. Cybercriminals leverage well-known figures because they capitalize on two fundamental aspects of human psychology: trust and curiosity,” he said.
In explaining the effectiveness of this tactic, Price highlighted that celebrities are recognizable figures who often provoke strong emotional responses. This makes users more likely to click on links or download attachments without questioning their authenticity.
He further pointed out that social media platforms, where users are accustomed to casual and rapid interactions, are particularly vulnerable to such scams.
While it remains unclear how many systems were compromised by the Telegram malware using Ulbricht’s name before X suspended the compromised account, Price emphasised that these scams could have far-reaching consequences beyond personal losses.
“Compromised devices can lead to corporate breaches, data theft, or worse,” he warned, urging continued awareness and vigilance as the best defense against such cyber threats.


