On Wednesday, scammers hacked into the Twitter accounts of renowned politicians, technology honchos, and crypto companies in a well-coordinated bitcoin scam. The scale of the problem suggests that it wasn’t limited to a single service or account.
In the biggest hack ever on the social media platform, the con artists used the platform to promote a bitcoin scam that appears to have earned its creators a bit of money. While it’s not yet clear exactly what happened or how Twitter’s system was breached, tens of accounts seem to have been compromised.
Lock All the Compromised Accounts
The infiltrated accounts include those of President Barack Obama, Joe Biden, Elon Musk, Bill Gates, Kanye West, Michael Bloomberg, and Apple. Twitter announced it took the drastic step of blocking new tweets from all verified users, whether or not they were compromised. The firm then locked all the compromised accounts and announced it would restrict access to their owners. The firm tweeted:
“We have locked accounts that were compromised and will restore access to the original account owner only when we are certain we can do so securely.”
Twitter said on Wednesday evening that its internal employee tools were compromised and used in the hack. This explains why accounts protected by two-factor authentication (2FA) were also used to lure followers into the bitcoin scam. At the time of going to press, the fraud appeared to have subsided, but scam tweets were still being posted to verified accounts after 4 pm ET. Twitter acknowledged the problem at 5:45 pm ET, about two hours after the scam started:
“We are aware of a security incident impacting accounts on Twitter. We are investigating and taking steps to fix it. We will update everyone shortly.”
CZ Acknowledged the Attack
Within minutes of taking over the accounts of prominent individuals and firms, the scammers pushed a bitcoin giveaway scam associated with an organization called “Crypto for Health.” The crypto companies that fell victim to the incident include Binance, Gemini, Coinbase, and CoinDesk. Others were Justin Sun, Charlie Lee, Bitcoin.org, KuCoin, Bitfinex, the Tron Foundation, and Ripple. Millions of collective followers started seeing the same message:
“I am giving back to my fans. All Bitcoin sent to my address below will be sent back doubled.”
Binance CEO Changpeng Zhao acknowledged the attack and used his Twitter channel to warn people to stay away from the link. Despite his quick reaction, the attack continued unabated, and reports indicate that the address the scammers are using is already raking in hefty profits. Data showed the BTC address had already received at least 12.8 BTC at the time of this writing, worth almost $117,711.
The price of Bitcoin has remained remarkably resilient amid talk about a bitcoin scam. Twitter has called the incident a social engineering attack. However, there is a more disturbing version of what took place at Twitter, one that points to an inside job. The company said it was “still investigating whether the employee hijacked the accounts themselves or gave hackers access to the tool.” Jake Chervinsky tweeted:
“Breaking: after Twitter hack, bitcoin volatility skyrockets as price crashes in freefall from $9,225 to $9,220.”