Multiple high-profile Twitter accounts have been hacked and tens of thousands of dollars in Bitcoin have been taken in a daring ‘smash-and-grab’ online scam.
It appears that Twitter accounts of individuals such as Bill Gates, Barack Obama, Elon Musk, Kanye West and firms such as Apple and Uber were hacked. A message was then sent out from these accounts stating that if people sent Bitcoin to a certain Bitcoin wallet they would then receive double the amount back.
The accounts combined have hundreds of millions of followers, and even though the scam was noticed and the messages were deleted within minutes, that was still enough time to fool a few into parting with their Bitcoin. At least $130,000 has so far been taken from around 320 individuals.
The messages stated that the individuals were only making the offer for the next 30 minutes and that they were motivated by the Covid-19 outbreak and their desire to give something back to their communities.
In a shocking twist, when Binance CEO, Changpeng Zhao, one of the individuals targeted, revealed that it was a scam, his warning tweets were deleted, thus showing that the hackers were still in control of his account.
Bitcoin, the decentralised cryptocurrency, is a favourite of scam artists, thieves and criminals as the money is untraceable and cannot be retrieved. Users are aware, though, of just how unsafe transactions are, and so anyone sending Bitcoin has to be absolutely sure of the legitimacy of their transaction. The fact that the official accounts of very high-profile wealthy individuals were used has given this scam an authenticity that others in the past have lacked.
A bunch of high profile cryptocurrency Twitter accounts have been hijacked to tweet bitcoin scams. Likely a 3rd party App compromise rather than Twitter itself. Wallet has received ~$6000. pic.twitter.com/D8MiXrz9ml
— MalwareTech (@MalwareTechBlog) July 15, 2020
Experts are now speculating as to how the Twitter accounts were compromised, and whether there is a serious flaw with the Twitter platform itself. Others have suggested that it is more likely that the accounts were compromised via a third-party application, possibly downloaded onto smartphones.
We are aware of a security incident impacting accounts on Twitter. We are investigating and taking steps to fix it. We will update everyone shortly.
— Twitter Support (@TwitterSupport) July 15, 2020
The sophistication of the attack also raises the question of whether a state actor could have been in any way involved, though this is thought to be unlikely; the attack was almost certainly the work of a criminal group of individuals motivated solely by making a fast buck.