Malicious Actors Appear to Have Infiltrated the New York Post's X Account in an Attempt to Scam Crypto Users

The New York Post’s X account appears to have been infiltrated by malicious actors who are attempting to scam crypto users on the microblogging platform.

Some X users from the crypto community have recently reported having received a private message from the New York Post’s X account inviting them to feature in a podcast and to contact them on Telegram.

The spurious messages were first discovered on May 3 by Kerberus founder and CEO Alex Katz, who shared a screenshot of a message purportedly made out to be from author and journalist Paul Sperry via the official nypost.

"What’s interesting about this case is that the scammer gained unauthorized access but didn’t post a Pump.fun address or wallet drainer. Instead, they’re messaging users and then directing them to Telegram," observed cybersecurity engineer and NFT collector "Drew".

Related: ‘I'm sick’ — Scammers use AI, fake ID of crypto influencer to steal $4M

After sending the message, the scammer blocks users from replying to prevent the actual New York Post team from being alerted to the compromise, he added.

Donny Clutterbuck from NFT Bitcoin’s ordinals platform Fomojis also reported having been contacted by the hacker, suggesting that it could be a potential Zoom exploit from enabling audio.

When you click to enable audio, a pop-up gives the option to either cancel or enable WiFi, he said before adding, "I guess WiFi gives network access to the scammer."

Blockchain sleuth ZachXBT said this compromise was similar to one from a few weeks ago when direct messages were sent from The Defiant's X account.

Cointelegraph contacted the New York Post for more information but did not receive an immediate response. There was nothing regarding the social media compromise on the NYP or Sperry's X feeds.

Scammers seeking victims on Zoom

Scammers have increasingly shifted their social engineering techniques to messaging users on messaging platforms after having established trust from previous conversations, and video conference platform Zoom has become a hotbed of crypto scams recently.

In April, Emblem Vault CEO Jake Gallen warned users to be malicious actors on Zoom after he lost $100,000 in crypto assets. Gallen was also contacted on X to arrange a Zoom interview during which the scammer installed malware that drained his wallets.

It is not the first time the New York Post’s verified Twitter account has been hijacked. In 2022, an employee hacked the account to post a series of obscene messages designed to look like real headlines.