Scammers used an outdated link found in an X (formerly Twitter) account belonging to Bloomberg Crypto to send users to a phishing site designed to steal Discord credentials, BleepingComputer reports.
“As first spotted by crypto fraud investigator ZachXBT, the profile contained a link to a Telegram channel with 14,000 members, further pushing visitors to join a fake Bloomberg Discord server with 33,968 members,” BleepingComputer says. “According to ZachXBT, Bloomberg previously maintained an older Telegram channel under the username @BloombergNewsCrypto, a detail shared on X/Twitter in August 2023.”
A message on the compromised Telegram channel states, “If you are interested, please head over to, our official and only discord server for more information on how to start an application: https://discord[.]gg/bloomberg. Join the Bloomberg Crypto Discord Server! Check out the Bloomberg Crypto community on Discord - hang out with 33975 other members and enjoy free voice and text chat.”
The scammers use a typosquatting domain to trick users into handing over their Discord credentials.
“Rather than linking to the legitimate https://altdentifier.com/ address, it presents a link to a deceptive page using an altered domain (altdentifiers[.]com) with an extra 's' at the end of the original domain name,” BleepingComputer says. “The ‘Bloomberg Crypto staff team gives visitors 30 minutes to go to this site and complete the verification process. After clicking the link to 'verify' their account, the potential victims are prompted by the AltDentifiers phishing website to verify with Discord, aiming to steal their Discord login credentials.”
The link has since been taken down, but users should continue to be on the lookout for cryptocurrency scams.
“The malicious link was removed from the Bloomberg Crypto X/Twitter account 30 minutes after ZachXBT's initial tweet,” BleepingComputer writes. “As many crypto communities reside on Discord, threat actors commonly attempt to steal credentials for accounts that frequent such servers. These hijacked accounts can then be used to promote cryptocurrency scams designed to steal users' cryptocurrency assets while appearing to be from a legitimate source.”
Update: This post has been revised to reflect that Bloomberg's Crypto account as not compromised, rather it pointed to an abandoned Telegram account which was then hijacked as part of a phishing scheme.
KnowBe4 enables your workforce to make smarter security decisions every day. Over 65,000 organizations worldwide trust the KnowBe4 platform to strengthen their security culture and reduce human risk.
Here's how it works:
