More talk about the other end of this week's scam

20 Oct 2024 - AJ

Since there are new variants of scams coming out seemingly every day and the celebrity in question may change, I didn’t want to specifically name the person most often deepfaked for these scams. Elon Musk is the kind of person who the gullible would think might be willing to pull off something that nonsensical. (There are other crypto enthusiasts that get deepfaked, but he’s the big one.)

The bit about the weird deepfake glitches? People I know who are Musk fans spotted the weird behavior by “Elon” on some of these channels and passed them on to me. I’ve actually been interested in these for a while, but I just haven’t covered them as, up until recently, I thought they were short-lived ones that ran during certain events, such as the SpaceX launches and Tesla events. Apparently not!

In any case, the whole thing usually happens this way:
1) Scammer uses social engineering to get someone with a login to the channel to open a malicious file. This seems to be via a fake sponsorship deal or similar.
2) The malware snags the logged-in session cookie that the infected user has, thus bypassing any security measures, since the user is already logged in.
3) The scammer changes the name of the channel, possibly locks the original owner out by changing the password or multifactor authentication (this should be blocked but is not always), and starts up a fake stream advertising the fake crypto site.
4) The original channel owner eventually gets access back, the cookie is revoked, etc.
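
Steps 2 and 3 leave a trace a defender can look for: a session that was opened by one client is replayed by a different one, which then renames the channel, changes credentials and starts a stream in quick succession. The sketch below is an added example, not part of the original post or any platform's own code; the event layout, action names and thresholds are assumptions, and the log rows are constructed.

```python
from datetime import datetime, timedelta

# Constructed audit rows: (timestamp, session id, client IP, user agent, action).
# Hypothetical schema for illustration, not any platform's real log format.
EVENTS = [
    ("2024-10-18T09:00:00", "s1", "203.0.113.10", "Chrome/129 Windows", "login"),
    ("2024-10-18T09:05:00", "s1", "203.0.113.10", "Chrome/129 Windows", "upload_video"),
    ("2024-10-18T10:00:00", "s2", "203.0.113.44", "Firefox/131 macOS", "login"),
    ("2024-10-18T10:10:00", "s2", "203.0.113.44", "Firefox/131 macOS", "rename_channel"),
    ("2024-10-18T11:30:00", "s1", "198.51.100.77", "Chrome/129 Linux", "rename_channel"),
    ("2024-10-18T11:32:00", "s1", "198.51.100.77", "Chrome/129 Linux", "change_password"),
    ("2024-10-18T11:40:00", "s1", "198.51.100.77", "Chrome/129 Linux", "start_stream"),
    ("2024-10-18T12:00:00", "s3", "192.0.2.5", "Safari/18 iOS", "login"),
    ("2024-10-18T15:00:00", "s3", "192.0.2.99", "Safari/18 iOS", "start_stream"),
]

# Actions from step 3 of the takeover sequence (names are assumptions).
SENSITIVE = {"rename_channel", "change_password", "change_mfa", "start_stream"}
WINDOW = timedelta(hours=1)  # assumed burst window after the first replayed request


def find_hijacked_sessions(events, min_sensitive=2):
    """Return {session: [actions]} for sessions replayed by a client that did
    not perform the login and that then ran a burst of sensitive actions."""
    origin = {}         # session -> (ip, user agent) seen at login
    first_foreign = {}  # session -> time of first request from another client
    hits = {}
    for ts, sid, ip, ua, action in sorted(events):  # ISO timestamps sort as text
        when = datetime.fromisoformat(ts)
        if action == "login":
            origin[sid] = (ip, ua)
            continue
        # Skip sessions with no recorded login and requests from the login client.
        if sid not in origin or (ip, ua) == origin[sid]:
            continue
        first_foreign.setdefault(sid, when)
        if action in SENSITIVE and when - first_foreign[sid] <= WINDOW:
            hits.setdefault(sid, []).append(action)
    # One sensitive action after an IP change is common (roaming), so require a burst.
    return {s: acts for s, acts in hits.items() if len(acts) >= min_sensitive}


if __name__ == "__main__":
    for sid, acts in find_hijacked_sessions(EVENTS).items():
        print(f"possible session hijack: {sid} -> {', '.join(acts)}")
```

The owner's own rename in `s2` and the single roaming action in `s3` are not flagged; only `s1`, where a new client replays the session and runs the full step 3 sequence, is reported.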