Old Twitter flaw still exploited for crypto scams on X
Crypto Scam mers are exploit ing a four-year-old documented flaw in X (formerly Twitter ) to impersonate celebrities and promote fake giveaways to steal crypto and NFTs. The flaw, reported by Bleeping Computer back in 2019, involves a switch around in X URLs — which still register as twitter.com. It redirects users to crypto scams. A Twitter URL consists of a person’s account name followed by a status ID, as follows: https://twitter.com/[account_name]/status/[status_id]. Crypto scammers can create an account imitating a public figure, post a phishing link, and change the account name of that post’s URL. This makes it appear as though the public figure is endorsing the post, particularly on mobile. Twitter verification is making scammers millions — here’s how Read more: Musk Twitter scams pivot to paid ads that shill Mars trips and brain chips Security researchers noted in 2019 that the URL exploit can be used for phishing campaigns and reportedly open up the potential for pol