Fake Elon Musk scammers deploy new trick to steal millions of dollars in bitcoin

While Bitcoin giveaway scams are not new, hackers are using a new trick that has already helped them scam victims out of roughly $2 million: so-called vanity addresses designed to trick victims into thinking they belong to entrepreneur Elon Musk.

Scammers have long used impersonation attacks to steal money from unwitting users, pretending to be Musk has been a popular approach. In late 2018, Twitter drew attention after it promoted a fake crypto scam broadcast by an Elon Musk impersonator using a verified account.

Vanity crypto addresses include words, names, or phrases meant to trick users into thinking they are credible. According to cyber-security firm Adaptiv, hackers have recently found success using Bitcoin vanity addresses that include Musk’s name.

Adaptiv tracked the usage of Bitcoin addresses using Musk’s name in giveaway scams and collected 66 unique ones. They found that these addresses had received over 201 bitcoin since April 2020.

A separate investigation by ZDNet found that most of the Bitcoin vanity addresses have been shared through YouTube live streams, which hackers take over and use to broadcast their scams. These scams were often held to commemorate an occasion important to the celebrity or brand.

First, hackers take over YouTube accounts with a high number of followers and change the account name and visual layout to resemble one of a celebrity or brand — like Elon Musk. Then they typically launch a live stream broadcasting their scam, promising users that their profits will double if they send Bitcoin to the scam address.