Fake Goblin Town Twitter account. Lures via tagging potential victims. Posted a linktree to initially hide the malicious domain. Due to misconfiguration, an open directory can be accessed via the domain, leading to the download of the drainer kit: /goblin-towm.wtf/goblintownz.zip Used Zapper_fi API auth: Basic Y2YwYTQzNDItNjNmOS00NjBjLTkzNTAtMWUxNTIyZTRhMmUxOg== cf0a4342-63f9-460c-9350-1e1522e4a2e1 RPC infura_io: /mainnet.infura.io/v3/8d15dd68b697464abf8c45cf43410c03 Telegram bot: 5572877848:AAHFiKjDTbpBuBOPxSN85ZHCV9u1iysUc28 malicious actor chat id: 5481659179 username: xxxxboss