New York Post’s X Account Hacked—Crypto Followers in Crosshairs

Another day, another high-profile hack—this time it’s the New York Post’s X account getting hijacked to push shady crypto schemes. Because nothing says ’trustworthy investment’ like an unsolicited DM from a compromised media giant.

Attackers bypassed security (or what passed for it) to target crypto enthusiasts. Meanwhile, Wall Street still thinks blockchain is just a fancy Excel spreadsheet.

Stay paranoid out there—DYOR before clicking, and maybe keep your bags off Twitter.

Scammer “Blocked” Users From Replying: Cybersecurity Engineer

According to a post by cybersecurity expert and founder of “Drew” Security, the scammers had blocked users from replying to the message they had posted on Telegram.

This is “to prevent the actual NYP team from being alerted to the compromise,” he said.

Interesting New Scam Tactic

If you have received this message from the @nypost (shoutout to @metrokatz for first reporting this), do not message the individual on Telegram,it is a scam!

What’s interesting about this case is that the scammer gained unauthorized access but… pic.twitter.com/Xr0c1Q87O3

‘Drew’ warned users not to message the individual on Telegram, highlighting that “it is a scam!”

“What’s interesting about this case is that the scammer gained unauthorized access but didn’t post a pumpfun ads or wallet drainer,” the cybersecurity engineer and NFT collector noted. “Instead, they’re messaging users and then directing them to Telegram.”

Hackers Use New Messaging Tactics

Another user also reported that he had received a message from what appears to be an actual NY Post account. “They ask for an interview with person-specific details (ordinals in my case).”

Never seen this scem:

+ DM from what appears to be actual @nypost account, prompt to msg TG
+ they ask for interview with person-specific details (ordinals in my case)
+ legit-looking Calendly NY Post slug
+ probable Zoom exploit not in screen share but in enabling audio

pic.twitter.com/RlspXiuS5A

The user further wrote that the interview starts with audio disabled. These scammers are “getting better,” he warned.

“When you click to enable audio, a pop-up gives the option to either ‘cancel’ or ‘WiFi’,” he wrote in a seperate thread. “I guess WiFi gives network access to scammers.”

‘Drew’ also said that hackers are increasingly using messaging and “finding success due to implicit trust from previous conversations.” He added that this tactic would continue growing, cautioning those who chat regularly, especially team members.

“It’s crucial to remember: even if you message someone daily, always verify their identity, never trust blindly.”