Cybercriminals are abusing X ads to promote websites that lead to cryptocurrency drains, fake investments, and other scams. Like all advertising platforms, X (formerly Twitter) claims to display ads based on a user's activity, thereby directing ads that match the user's interests.
Elon has previously said on Twitter that scam ads are popping up on YouTube, and X appears to have its own problems, with ads promoting cryptocurrency scams increasingly being shown.
The scams include links to Telegram channels that promote "pumping" and "dumping," as well as phishing pages, and links to websites hosting cryptocurrency leakers, which are malicious scripts that steal all assets from connected wallets.
Since X displays ads based on a user's interests, users not involved in cryptocurrency may not see these ads. However, those who frequented the space are now bombarded with a seemingly endless stream of malicious ads.
"I wasn't lying when I said every ad I saw on X was a scam link for cryptocurrencies designed to drain people's wallets."
While attackers have been abusing X's advertising platform for some time, the number of malicious ads has increased rapidly over the past month, attracting security researcher MalwareHunterTeam to track them.
The researcher has been posting screenshots of X ads containing crypto-scam content, almost all of which come from verified users.
This has gotten so bad that other X users have to leave community notes on the ads to warn others that the ads are scams or wallet drainers.
Last month, ScamSniffer reported that a cryptocurrency leaker known as "MSDrainer" had stolen $59 million from 63,210 victims over nine months by spreading propaganda on Google searches and X ads.
On
It's unclear what review procedures X has in place to prevent these ads, but many users are frustrated by the lax review of ads allowed on the site.
Bloomberg reported last month that X’s advertising revenue is expected to drop by $2.5 billion, a drop of more than 50% from 2022. This led User X to believe that Twitter was turning a blind eye to these malicious ads in order to increase its dwindling ad revenue.