Hackers have taken over the accounts of prominent individuals and brands with millions of followers, promoting the typical Bitcoin scam that involves the “send one get two back.” We have seen the same thing happening most recently on YouTube, and last year on Twitter and Facebook. However, the accounts that were used back then were impersonating celeb billionaires like Elon Musk, so no account takeover was involved. This time, hackers coordinated to take control of the actual accounts, so their success this time was unprecedented.
The briefly compromised accounts belonged to former US President Barack Obama, Kanye West, Kim Kardashian, Warren Buffett, Jeff Bezos, Mike Bloomberg, Joe Biden, Bill Gates, Elon Musk, Apple, Wiz Khalifa, Wendy’s, Uber, CashApp, and MrBeast.
In all cases, the hackers posted the below message to the millions of their followers.
It would be hard to estimate how many people have fallen for this, but we guess that the number is dizzying. Previously, the scammers were making enough by using impersonating accounts with limited reach, but this time, they tapped into a huge user pool. One of the Bitcoin wallets used for the scam received more than $100,000 worth of crypto, counting thousands of transactions before the posting was taken down.
All of this Bitcoin scamming didn’t last long before Twitter stepped in and removed the malicious messages, but even a couple of minutes were enough for the scammers to make a lot of money.
According to the first official response, hackers have accessed the accounts of Twitter employees who have access to internal systems and tools. Working from there, they eased their way to taking over prominent accounts and posting whatever they wanted.
This is another security lapse for Twitter, which has steadily built a reputation for being insecure.
We detected what we believe to be a coordinated social engineering attack by people who successfully targeted some of our employees with access to internal systems and tools.
— Support (@Support) July 16, 2020
Tough day for us at Twitter. We all feel terrible this happened.
We’re diagnosing and will share everything we can when we have a more complete understanding of exactly what happened.
💙 to our teammates working hard to make this right.
— jack (@jack) July 16, 2020
Brandon Hoffman, the head of Security Strategy at Netenrich, has shared the following comment with us:
“The idea floating around that there is a user administrative panel that was accessed through an employee’s credentials is on fire. It is on fire for two reasons. The first is that credentials are likely going to be the way this was perpetrated. The second being that the existence of a user admin panel, which shouldn’t exist, in such an iconic tech company like Twitter is so scandalous that security people will eat it up.”
If we would comment on this whole incident, it is that no matter where a message comes from, it should always be seen with a critical and evaluative eye.
Why would anyone ask you to give Bitcoin in order to get double the amount in return? Why would Barack Obama and Bill Gates ever decide to give away Bitcoin to cryptocurrency holders, when there are so many people in much greater need out there? How realistic is the claim that Warren Buffer would ever want to “give back to the community” this way? None of this makes sense, and people should finally stop falling for the same old trick.