The unknown hacker used Robinhood’s Twitter account to promote a fake token allegedly created by Robinhood.
Robinhood is a platform well-known for its user-friendly approach to stocks, allowing them to make investments quickly in a variety of ways. It also enables them to buy crypto and is a household name among such investors.
However, Robinhood is primarily a stock trading platform and, as such, does not have a proprietary cryptocurrency. That didn’t stop bad actors from pretending they did.
Official Account Breached
Yesterday, an unknown bad actor managed to get in control of Robinhood’s official Twitter account and used it to publish a now-deleted tweet advertising $RBH, Robinhood’s purportedly newly minted token. The company does not have a native cryptocurrency and has never minted a token itself. Instead, investors can cast their lot in with the platform by buying the NASDAQ-listed stock HOOD.
Looks like Robinhood's social media was hacked— Conor (@jconorgrogan) January 25, 2023
They only got ~10 people to bite on the scam token before the link was taken down.
So far the token has only seen <$1000 in purchases. I imagine people crowding in now saw the volume spike and are looking for a thrill. pic.twitter.com/qladVaSzrI
Furthermore, according to blockchain security research tools, the token is a honeypot – meaning that once purchased, the new owner will no longer be able to sell it or even transfer it to another wallet.
Generally, this type of attack by a bad actor is done by impersonating a well-known person or platform and, as a result, is easier to detect.
However, since the scam was promoted on Robinhood’s verified social media, it’s easy to see why more people would fall for the bait.
FOMO Tactics Used
In order to get users to hurry up and buy before the bad actor’s account could be locked, the tweet enticed customers with a low token price of only $0.0005 and hinted at an incoming moonshot. Luckily, the damage seems to be small, with the post taken offline and the account responsible locked by Binance’s security team.
Furthermore, it’s difficult to say whether the few people who did buy the token were genuine investors who got taken in by the scam or trading bots like the ones manipulated by Avraham Eisenberg in a follow-up prank to the one on Mango Markets.
Since the attacker minted their tokens on BSC, the wallet responsible for the mischief was quickly shut down by Binance’s security team.
CZ also commented on the matter, advising the community to stay safe and to use their better judgment whenever purchasing a token, even if it seems to be perfectly legitimate.
Looks like Robinhood account got hacked and was promoting a coin on BNB Chain. Always have critical thinking even is the account looks or is real. https://t.co/XSwHIVdEdw— CZ 🔶 Binance (@cz_binance) January 25, 2023
For now, no official statement on the matter has been released by Robinhood.