Cybercriminals Flood Dark Web With X (Twitter) Gold Accounts

Verified accounts for celebs and organizations deliver a deep vein of cybercrime riches for crooks.

Cybercriminals are taking over verified Gold accounts on X, the social media service formerly known as Twitter — and selling them on the Dark Web for up to $2,000 a pop.
That’s according to research from CloudSEK, which has uncovered a Gold Rush, as it were, of these accounts showing up in underground marketplaces.
The
Gold badge on X
means that the service has independently verified the account as legitimately belonging to a high-profile organization or a celebrity. It was introduced a year ago as a paid option after X made the blue checkmark — formerly a designation of legitimacy —
a badge that anyone could pay to include on their profiles
, no validation needed.
Cybercriminals are now brute-forcing passwords and stealing credentials through malware in order to gain access to existing Gold accounts, according to CloudSEK researchers; more often, they are also taking over non-Gold accounts associated with real organizations that havent been used in months and upgrading them to verified status. In all, hundreds of accounts with reach to tens of thousands of followers are on offer in underground forums.
Nefarious types willing to pay can then use the accounts to host phishing links, launch disinformation campaigns and financial scams, or impact brand reputation by posting damaging content.
Dark Web marketplaces are flooded with
advertisements selling Twitter Gold accounts
, according to research the firm released this week. Prices range from $35 for a basic account to $2,000 for accounts with large followings.”
The researchers illustrated the danger to organizations from the trend with a compelling example from September: Cyberattackers were able to take over an X account belonging to Vitalik Buterin, the co-founder of Ethereum. They then tweeted out an offer for purportedly free nonfungible tokens (NFTs), with a malicious link embedded that redirected users to a fake website designed to drain cryptocurrency from their wallets.
Despite being active for about 20 minutes, the hackers managed to siphon off a staggering $691,000 [in] digital assets before removing the fraudulent post, according to the analysis.
The value to crooks in infiltrating major accounts has been a known quantity since at least 2020, when hackers were able to
compromise the internal networks of what was then Twitter
, gaining access to verified accounts and sending out tweets on behalf of several high-profile individuals.
To protect themselves, organizations should regularly monitor brand mentions on Twitter and implement strong password policies to protect against account compromise, CloudSEK recommended. Effective brand monitoring means identifying fake profiles, unauthorized product listings, misleading advertisements, and malicious content.

Last News
▸ ArcSight prepares for future at user conference post HP acquisition. ◂ Discovered: 07/01/2025 Category: security	▸ Samsung Epic 4G: First To Use Media Hub ◂ Discovered: 07/01/2025 Category: security	▸ Many third-party software fails security tests ◂ Discovered: 07/01/2025 Category: security

**Cyber Security Categories**
Google Dorks Database	Exploits Vulnerability	Exploit Shellcodes

CVE List

Tools/Apps

News/Aarticles

Phishing Database

Deepfake Detection

Trends/Statistics & Live Infos

Tags:
Cybercriminals Flood Dark Web With X (Twitter) Gold Accounts