hackers-hacked-into-openai-account

Hackers breached OpenAI account and promoted fake $OPEANAI token

Regulation&Security

September 24, 2024

Hackers broke into the official OpenAI account on the social network X, using it to promote a fake $OPEANAI token. They attracted users by promising early access to the company's future beta programs, specializing in artificial intelligence.

The attackers posted a message with numerous grammatical errors, including a mistake in the token's name itself — $OPEANAI instead of the correct $OPENAI. This immediately raised suspicions among users, as OpenAI has not issued any tokens, either with this or any other name.

Phishing attack through a fake website

The malicious links in the message redirected users to the phishing site token-openai.com, which was created to steal cryptocurrency wallet credentials. Despite the numerous grammatical errors, thousands of users saw the message before it was deleted.

Company security warning

Sometime before the incident, an OpenAI security employee issued an internal message to company staff, warning about frequent account hacks and providing recommendations to strengthen security. However, even these precautions were insufficient to protect the account from the attack.

Suspicions regarding a group of crypto scammers

There is a possibility that the hack was carried out by the same group of criminals who previously gained access to the accounts of the company's executives. This indicates a high level of organization and awareness of the internal processes within the company on the part of the attackers.