The X (Twitter) account owned by American rapper Nelly has been compromised, with the hackers using it to try and lure crypto investors into phishing schemes.
This occurs as recent reports indicate a rising trend in crypto hack attacks, with over $700 million stolen in the third quarter of 2023 alone and close to $700k lost in phishing schemes in the past 18 days.
Nelly’s X Account Allegedly Phishing
According to reports, the Nellio X account has enticed individuals into a phishing site. The user, Nelly, identifies themselves as an on-chain security analyst who specializes in assisting people in identifying genuine scammers.
The attacker initiates contact by sending a message to the user and providing an ‘Etherscan’ link to the user’s wallet address. They inquire, “Is this your wallet by any chance?”
Since the crypto account is labeled as a scam detector and appears to be ‘associated’ with another one, @realscamSniffer, the user quickly assumes that Nellio is a security analyst.
The user expresses caution, stating their desire to avoid hacks or unauthorized access.
The hacker claims to be investigating recent instances of wallet drains and compromises. Immediately, the hacker points out a ‘problem’ with the approval of spWETH from the user’s wallet. In the following screenshot, Nellio mentions obtaining the user’s information from Scamsniffer.
The attacker simply wants the victim to follow the provided link, activating the phishing scheme. However, the ‘victim’ is wary of doing so, stating their lack of trust in ‘Nelly’ and highlighting the seemingly malicious structure of the transaction.
The conversation continues with Nellio telling the user,
“It’s a full signature revoke, it removes a couple of others while it’s removing a malicious one, they bundle the malicious approvals in with legitimate ones so you need to revoke the full chain.”
Zack XBT was the first to unearth the phishing scheme and posted it on Telegram. Later, Scam Sniffer, the name mentioned by the hackers as the source of info, rejected the idea that @NellioETH is their member.
@NellioETH is compromised and pretending to be a member of ScamSniffer. they are trying to message people in an attempt to social engineer them into using a phishing site.
— Scam Sniffer (@realScamSniffer) October 18, 2023
The rapper has been actively engaged in the crypto ecosystem, posting and retweeting images and tweets about blockchain and scams.
Phishing Attacks Still Huge
Phishing attacks are still prevalent within the Web3 ecosystem, with investors losing millions yearly.
A few hours ago, Scam Sniffer tweeted about an attack where the victim, address 0x3767318, lost about 93.24 ETH, translating into $145K. Interestingly, the Nelly X account reposted the tweet.
— Scam Sniffer (@realScamSniffer) October 17, 2023
On Oct. 7, another person lost about 299.49 rETH valued at $534K in a crypto phishing scheme, a tweet posted by Scam Sniffer and reposted by Nelly.