In early September 2024, the official X (formerly Twitter) account of OpenAI Newsroom was compromised. The account, created to share the latest news and developments from the AI leader, carried the Verified Organizations badge along with OpenAI's official verification mark, reinforcing its authenticity. Attackers gained access despite these safeguards, turning a reliable source of information into a vehicle for a scam.
The hackers used the trusted, verified account to promote a phony OpenAI website. They posted a link to the fake site, which was set up to con users out of their cryptocurrency by having them connect their wallets. Once a wallet was connected, the scammers quickly drained the victim's funds.
What Happened to OpenAI?
In September 2024, OpenAI launched its Newsroom account to give followers access to official updates and news about the company. The account was verified under the Verified Organizations program, which is designed to assure users that they are interacting with authenticated and authorized accounts. Unfortunately, verification cuts both ways.
Although verification signals authenticity, a compromised account lets hackers use the verification badge to make malicious content look credible. This is precisely what happened when bad actors took advantage of the breach of OpenAI’s account to promote their scam, fooling followers into visiting a fake website.
The fake site was designed to mimic an official OpenAI page, luring users with the promise of exclusive offerings or opportunities. In reality, it was a trap. The site required users to connect their cryptocurrency wallets, after which the scammers extracted the funds.
Watch for Odd Behavior
Scams involving X are not new, and hacked verified accounts have long been used to circulate harmful links. A verification badge on an account doesn’t ensure that its posts are secure or credible.
If you notice odd behavior from an official account, such as irregular posts or actions that are out of character, do not click on any links. Such behavior suggests that the account may have been compromised, as occurred in the case of OpenAI. Remain cautious at all times and report any questionable posts if you think they may be linked to a scam.
Don’t Trust Verification Alone
The verification badge shows only that an account is associated with a particular entity. It can’t confirm that every post coming from the account is trustworthy or secure. On a compromised account, the badge lets bad actors create an impression of trustworthiness for their scams, enticing users to click on potentially harmful links. The hack of OpenAI’s account shows that even highly trusted organizations are susceptible to these kinds of attacks.
In this case, OpenAI’s verified status served as a convenient tool for the hackers to mislead the account’s followers. Fortunately, reports came in quickly and brought the scam to light, yet the incident underlines the need for caution when dealing with verified accounts.