Today I came across a YouTube channel streaming what was supposed to be SpaceX live QA on the Artemis Pre-Test Lauch which took place two days prior. In fact, it was a POP-UP crypto scam channel using YouTube. Phishing legitimate YouTube creators channels and stealing the creators session cookie to takeover the account has been going on for a long time. This looked more like a new POP UP LIVE Channel by a not well-known individual or channel. But it did have prominent visibility in the You Tube Live Events section.
Many red flags are listed at the end of this post. The channel advertised a domain linking to a phishing /crypto scam site which was registered on a Russian .ru domain which listed a contact individual name Sergei. The Elon Musk Crypto scam is old. It goes like this and there are variations with other celebs. Have you seen fake live scam events on YouTube?
Elon Musk and SpaceX Foundation believe that blockchain will make the world fairer. To speed up the process of cryptocurrency mass adoption, We decided to run 50,000 ETH giveaway.
- There is also an identical BTC fraud page with a different crypto address.
The YouTube video had an embedded video of a real interview with Elon (with his son on his lap). That helped to identify the video source which was a real interview Q/A session held on Nov 17, 2021, hosted by the [National Science Foundation Elon Musk Interview] (Elon Musk speaks on Starship and SpaceX at National Academies of Sciences and Engineering with QA - YouTube). The author had recorded that interview inserted into the live YouTube video page and listed it as a LIVE event with over 10,000 viewers watching during the few hours it was up before it was taken down. The BTC and ETH Explorer site revealed that it wasn’t too successful. The ETH account showed about $1970.00. Hardly any take in the BTC address. So yes, YouTube can be successfully used as a social engineering tool too. Red flags are obvious. See reg flags below!
Live YouTube Scam Channel. Participation links to Russian .ru domain scam site.
And a QR Code to scan which will assist you to copy the block address.
These guys wanted to help you lose your crypto. There’s a helpful virtual chat agent that will guide the contribution in case you have problems getting parted with your money!!!
The page is very well done. Everything needed to self-serve a crypto heist.
We want to double your money because its for a good cause. Well matching donations are plausible.
The launch took place two days prior
The video discusses Starlink launch with a very dated picture of one of Elon’s kids sitting on his lap during interview. That prompted a search of possible real video. That revealed it was recorded on Nov 17,2021 National Science Foundation and the video poached by the scammer.
This is a well-known scam
The live chat was disabled
The logo on the video had another well-known space site
Big red flag. A lookup of the hyphenated linking domain shows it’s registered a Russia .ru domain.
PS: Today the web site is flagged by Edge/Microsoft Defender as not safe to proceed. Google has not flagged it yet.