OpenAIs Press Account Breached to Promote Phishing Scam Involving OPENAI Token

Crypto scammers took over OpenAI’s press account to post phishing links that targeted OpenAI users.
While the posts have now been deleted, crypto scammers managed to hijack OpenAI’s official press account on X on Sept. 23 to promote a suspected phishing link. The ChatGPT developer has yet to acknowledge the breach.
Those behind the hack promoted a token called “OPENAI,” claiming it would bridge the gap between blockchain and AI.
The posts falsely promised that users could claim a portion of the token’s supply, allowing them access to the platform’s future beta programs and enticing them to click a phishing link that led to a flagged website.
To lend an air of legitimacy and prevent eagle-eyed users from warning others about the hack, the attackers disabled comments on the malicious posts, adding the message: “Comments turned off due to malicious links. Good luck all!”
One user on X
claimed
the fake website was designed to mimic the OpenAI branding and looked legitimate at first glance. However, when clicking the OpenAI logo, a prompt would ask visitors to connect their wallets.


Fake OpenAI website asking users to connect their crypto wallet. | Source:
X
When users connect their wallets to a malicious platform like this, they are tricked into signing a fraudulent transaction. This transaction often appears legitimate but actually grants the attacker
control over the user’s assets
, enabling them to drain all funds stored in the compromised wallet.
You might also like:
August sees $63m lost in crypto phishing despite fewer victims: Scam Sniffer
Called ‘approval phishing,’ these attacks have led to over
$2.7 billion in losses
since 2021, according to Chainalysis.
Unfortunately, similar attacks have targeted OpenAI execs on multiple occasions.
Most recently,
OpenAI
researcher Jason Wei’s account was
hacked
to promote the same phishing scheme, with the attackers previously
targeting
OpenAI’s Chief Scientist, Jakub Pachocki. Last year, OpenAI CTO Mira Murati also faced a similar breach in June 2023.
As
reported
by crypto.news, virtual reality-focused project Decentraland also suffered the same fate last week, with scammers promoting a fake airdrop of its native token to mislead users into connecting their wallets and approving a malicious transaction.
While all the aforementioned attacks share similarities, it is unknown if the same group of attackers is behind them.
Read more:
Whale loses over $55m in DAI stablecoin to phishing attack