Ripple CTO Emeritus David Schwartz has issued a critical alert to users of the XRP Ledger (XRPL) regardding a surge in sophisticated fraudulent schemes. These attacks range from AI-generated deepfakes to fake token giveaways designed to drain digital wallets.

The fake XRP giveaways and AI deepfakes targeting retail investors

According to the report , scammers are increasingly utilizing AI-generated deepfakes of David Schwartz to lend an air of legitimacy to fraudulent claims. These malicious actors are deploying classic psychological traps, creating a false sense of urgency by leveraging current discussions surrounding the price of XRP to manipulate retail investors into making hasty decisions.

The schemes primarily manifest as fake token giveaways and fraudulent airdrops.. As the report says, these tactics are designed to trick victims into connecting their cryptocurrency wallets to malicious websites or, more dangerously, handing over their private seed phrases. David Schwartz has explicitly stated that Ripple never conducts such giveaways, and any promotion of free XRP tokens attributed to the company or its executives is a scam.

To combat this, David Schwartz has clarified that his only verified social media profiles are on X and LinkedIn. any individuals contacting users while impersonating him on platforms such as Telegram or Instagram should be treated as scammers attempting to compromise account security.

The Windows BitLocker vulnerability and the USB port risk

Beyond social engineering, David Schwartz has flagged a significant technical threat involving a Windows BitLocker vulnerability. This specific bug allegedly allows hackers to bypass disk encryption by using a standard USB port, which creates a direct path for attackers to access locally stored private keys.

This hardware-level vulnerability transforms a physical device into a liability. For cryptocurrency users who store their keys in encrypted files on a Windows machine, the BitLocker flaw removes the primary layer of defense, making the security of the physical hardware the only remaining barrier between a hacker and the user's funds.

The $635 million April DeFi crash as a warning sign

The warnings from David Schwartz arrive during a period of extreme volatility and insecurity across the broader digital asset landscape. April recently became the most hack-heavy month in the history of Decentralized Finance (DeFi), with $635 million lost across 28 separate hacks within a single 30-day window.

While the April DeFi hacks were not primarily driven by the social engineering tactics currently targeting XRPL users, they highlight a systemic fragility in the ecosystem. The sheer scale of these losses suggests that cryptocurrency users are currently more vulnerable than ever, whether through smart contract exploits or the psychological manipulation described by David Schwartz.

The missing details on the BitLocker patch and exploit scale

Despite the urgency of the warning, several critical details remain unverified in the current reporting. It is not yet clear if the Windows BitLocker vulnerability mentioned by David Schwartz is a newly discovered zero-day exploit or a known flaw for which a patch already exists. Furthermore, the report does not specify if there have been documented cases of XRPL users losing funds specifically via this USB-based BitLocker bypass.

Additionally, while the report mentions the rise of AI deepfakes, it does not provide data on how many users have fallen victim to these specific audiovisual scams compared to traditional phishing. The lack of a direct response from Microsoft regarding the BitLocker claim leaves a gap in the technical guidance for users attempting to secure their systems.