Site icon Tech-Wire

Now BlueSky hit with crypto scams as it crosses 20 million users

bluesky 1600 900

As many more users are flocking to BlueSky from social media platforms like X/Twitter, so are threat actors.

BleepingComputer has spotted cryptocurrency scams popping up on BlueSky just as the decentralized microblogging service surpassed 20 million users this week.

It didn't take long

Over the past few years, X/Twitter has become the hotbed of scammers from those targeting banking customers to ones impersonating high-profile accounts to push posts promoting fake crypto giveaways, websites that utilize wallet drainers, and Discord channels promoting pump-and-dumps.

As BlueSky nears a 21 million strong userbase, BleepingComputer has observed threat actors are starting to get their foot in too, and push their agenda.

A BlueSky post from last week featured an AI-generated image of Mark Zuckerberg and promoted crypto assets like "MetaChain" and "MetaCoin."

As evident from the messaging and graphics, the post misleads viewers into associating the advertised products with tech giant Meta and its concept "Metaverse“.

A crypto scam on BlueSky featuring Meta branding (BleepingComputer)

The MetaChain[.]cash website mentioned in the post also appears to carefully impersonate Meta branding, typeface, and messaging:

MetaChain domain impersonates Meta branding (BleepingComputer)

Another post titled "You've won FREE Satoshi Bitcoin of $900k" was seen leading users to a GitHub Pages website, cryptos-satoshi.github[.]io which is no longer accessible.

Reacting to the "block chain" scam, BlueSky user @krankenpflegel.de remarked “Och nö. Jetzt auch hier,” meaning “Oh no. Now here too.”

'Satoshi Bitcoin' giveaway scam (@krankenpflegel.de)

BleepingComputer discovered similar crypto "airdrop" posts that drive traffic to a domain previously classified as “a fraudulent cryptocurrency trading platform being promoted through an elaborate scam on social media platforms.”

One such post is shown below. It reuses video snippets from hit TV shows like Last Week Tonight With John Oliver and abuses hashtags, #musk #tesla #blockchain to boost engagement.

Bogus Airdrop promos on BlueSky (BleepingComputer)

We also stumbled upon fraudulent schemes claiming to hand members “over $68,659.80 In FREE Bitcoin & Ethereum” with zero trading requirements, “100% risk-free.”

BlueSky slammed with 3,000 reports an hour

BlueSky safety team confirmed that over the past week alone the platform had grown by more than three million people.

"In the past 24 hours, we have received more than 42,000 reports (an all-time high for one day). We're receiving about 3,000 reports/hour. To put that into context, in all of 2023, we received 360k reports," states the BlueSky safety team in the thread.

"We're triaging this large queue so the most harmful content such as CSAM is removed quickly."

"With this significant influx of users, we've also seen increased spam, scam, and trolling activity — you may have seen some of this yourself."

"Our team is reviewing these accounts, and you can help us by reporting them by clicking the three-dot menu on each post/account."

The platform pledges to "dial our moderation team up to max capacity" as it battles a large number of user reports against unwanted content.

Decentralization brings new challenges

BlueSky is a decentralized microblogging service based on the AT protocol, meaning no single entity is in charge of the entire system.

While Bluesky Social, a Public Benefit Corporation (PBC) owns and manages the domains, bsky.app and bsky.social, along with the primary “BlueSky Social” server, anyone can start their BlueSky instance. Users of one BlueSky instance can interact with those on another and vice versa.

The beauty of this lack of centralized authority is, that users have greater freedom and control over their content and are not subject to policies or limitations of Bluesky Social, PBC, should its direction drastically shift in the future—akin to what happened with X.

All this, however, also carries some operational caveats.

While BlueSky Social would be able to moderate content hosted on the bsky.app server, what happens when scammers start setting up their BlueSky instances and using these to promote dubious trading schemes?

BleepingComputer observed posts promoting dubious websites that offered questionable products. Rather than being hosted on bsky.app, these were seen on BlueSky instances managed by a third party.

Given how the AT protocol works, users from other BlueSky instances, including bsky.app would be able to interact with posts on this “web client” (namely “Subium”) and vice versa, which may boost engagement:

Who moderates third party BlueSky instances hosting dubious content?
(BleepingComputer)

Search engines like Google may also crawl and index posts from third-party BlueSky instances. All this could positively contribute toward search rankings of dubious websites mentioned in these posts, and for scammers to up their SEO poisoning game:

Google search result shows a BlueSky post hosted on a third party server, notbsky.app
(BleepingComputer)

Put simply, BlueSky's moderation architecture isn’t as straightforward as is the case with centralized platforms like X or Instagram. The greater freedom, content control, and independence offered by BlueSky come with novel challenges that need addressing as the decentralized platform gains momentum.

Related Articles:

US charges five linked to Scattered Spider cybercrime gang

Bitfinex hacker gets 5 years in prison for 120,000 bitcoin heist

New Google Pixel AI feature analyzes phone conversations for scams

Linux malware “perfctl” behind years-long cryptomining campaign

Scammers target UK senior citizens with Winter Fuel Payment texts

________________________________________________________________________________________________________________________________
Original Article Published at Bleeping Computer
________________________________________________________________________________________________________________________________
Exit mobile version