‍Urgent Alert: Sophisticated Phishing Campaign Targets Crypto Personalities on X

A new, advanced phishing campaign is compromising X (formerly Twitter) accounts of prominent crypto figures, bypassing 2FA. Attackers exploit X's infrastructure, tricking users with fake calendar links that lead to a malicious app requiring excessive permissions.

This app, masquerading as "Calendar" with disguised Cyrillic characters, requests broad control over your account, including posting and profile updates. If granted, attackers gain full account takeover.

Protect yourself:

1. Go to X Settings > Security > Apps and sessions > Connected apps.

2. Review your connected apps.

3. Immediately revoke access for any app named "Calendar" or "Cаlеndar" (check for Cyrillic characters).

4. Remove any unused or unrecognized apps.

https://cryptovka.ru/en/news/5132/urgent-alert-advanced-x-phishing-campaign-targets-crypto-community