Scam on X: hackers compromise the account of the New York Post

The hackers have breached the official X account of the New York Post, sending fraudulent direct messages to several users, particularly in the crypto community. This attack has raised alarm among digital currency enthusiasts, while security experts investigate the methods of the compromise.

Attack on the X account of the New York Post: how it happened

The first warning of compromise came on May 3rd, when Alex Katz, CEO of Kerberus, publicly reported the situation by showing evidence through screenshot. According to Katz, the messages observed were attributed to the author and journalist Paul Sperry, but they did not actually come from him. The official news account, known and verified, was used to send invitations to an interview via a podcast, asking users to respond via Telegram.

However, this proposal was nothing more than the cover for an attempted scam, with the aim of redirecting unsuspecting users to suspicious channels. Once the message was sent, the scammers blocked the victims, preventing any possible report to the real New York Post team.

Scam method and possible vulnerabilities

Unlike other famous cyber attacks, the hackers did not insert links to malicious sites or request the sending of criptovalute directly through compromised wallets. Instead, they exploited the popularity of the X account to spread deceptive messages, prompting contact via Telegram.

An important witness, Donny Clutterbuck, representative of the Bitcoin ordinals NFT platform Fomojis, suggested that the vulnerability might have been caused by a flaw in the Zoom software. According to Clutterbuck, a malware might have been installed during a Zoom call, thus allowing hackers to gain the necessary access to send deceptive messages.

This hypothesis highlights the increasing complexity and variety of strategies adopted by cybercriminals, who now combine social engineering and advanced techniques to break into protected systems.

Attack similar to the one on The Defiant account

ZachXBT, a well-known expert in the blockchain sector, commented that this breach is reminiscent of a similar episode that recently involved the X account of The Defiant, a decentralized information platform. In that case, fraudulent direct messages had been sent from the same compromised source.

This occurrence demonstrates how authorized social accounts, especially those associated with media and blockchain, have become prime targets for coordinated attack campaigns.

Reactions and lack of official communications

Despite the seriousness of the incident, until today the New York Post has not released any formal statement or updates on its social channels regarding the breach. The lack of response raises questions about the level of internal awareness and the security measures adopted.

The Cointelegraph team contacted the editorial staff for clarification, but did not receive immediate responses. This silence fuels concerns among users and cybersecurity experts, especially at a time when digital scams are constantly increasing.

Dangers for the crypto community and security recommendations

The crypto community is particularly exposed to this type of scams on social platforms, precisely because of its propensity for digital and the rapid circulation of investments. Consequently, it becomes essential to adopt some precautions:

• Be wary of unsolicited private messages, especially if they ask to move the conversation to external applications like Telegram.
• Do not click on links or respond to DM invitations that promise interviews or professional opportunities without verifying the source.
• Report any suspicious messages immediately to account managers and the platforms involved.
• Always update the software used during online communications, including video clients like Zoom, to reduce the risk of malware infections.

The importance of security on verified social accounts

The case of the New York Post invites reflection on the strategic importance of official and verified social accounts, especially for journalistic organizations or companies with a strong connection to the crypto industry. They represent privileged tools for disseminating credible information, but also potential entry points for skilled fraudsters.

The managers of these profiles must therefore implement strengthened security systems, such as multi-factor authentication and regular checks, to prevent future attacks.

Perspectives and call-to-action for users and media

The attack on the New York Post’s X account demonstrates how essential it is today to combine digital awareness with the adoption of effective security tools. The crypto community, as well as all social media users, must learn to recognize the danger signals in seemingly legitimate messages.

Furthermore, news outlets should react promptly by communicating openly and updating their users on crisis situations. This approach fosters trust and limits the damage caused, especially in similar cases that concern the integrity of official channels.

Finally, users are encouraged to remain vigilant and to share accurate information about scams to strengthen collective security.

This story highlights the value of protecting digital reputation and the ongoing need to collaborate against new forms of cybercrime. Only in this way will it be possible to safeguard information and protect those navigating the complex world of cryptocurrencies and social networks.