Twitter bitcoin scam 2020
The 2020 Twitter bitcoin scam is a massive hacking of Twitter accounts that started on July 15, 2020, at around 20:00 (Several Twitter accounts, each with millions of followers, were apparently compromised to promote a bitcoin scam. The scam requested individuals to send bitcoin currency to a specific cryptocurrency wallet, with the promise that money sent would be doubled.
As of July 15, 2020, more than 12 points were taken off the Bitcon Price Index, corresponding to more than US$110,000. Minutes after the tweets were published, more than 320 transactions had already taken place on one of the wallet addresses
The first well-known scam tweet was sent from Elon Musk's Twitter account at 20:17 UTC on July 15, 2020. Other compromised accounts included those of individuals such as Barack Obama, Joe Biden, Bill Gates, Jeff Bezos, Mr Beast, Michael Bloomberg, Warren Buffett, Floyd Mayweather, Kim Kardashian, and Kanye West, plus similar companies like Apple, Uber, and Cash App. Some cryptocurrency Twitter accounts were also targeted, including the accounts of Coinbase, CoinDesk and Binance. Most of the reports that were accessed in the scam had at least a million followers.
The tweets implicated in the scam claimed that the sender, would reimburse any user double the value of any bitcoin they forwarded to specific wallets, The tweets followed the sharing of malicious links by several cryptocurrency companies; the website hosting the links was taken down shortly after the tweets were posted.
While "double your bitcoin" scams have been shared on Twitter before, this is the first significant example of them being used with high profile accounts. Security experts believe that the criminals who implemented the con as an old fashion "smash and grab" attack, going on to say knowing that the invasion into the accounts would be closed rapidly, the culprits likely planned, only a small portion of the masses that follow these accounts needed to fall for the con in the short time allotted for them make quick money from it.
Multiple bitcoin wallets had been listed at these websites; the first one observed had received more than US$118,000 in bitcoin and had about US$61,000 removed from it, while a second had amounts in only the thousands of dollars as Twitter took steps to halt the postings. It is unclear if these had been funds added by those led on by the scam, as bitcoin scammers are known to add funds to wallets before starting schemes to make the scam seem legitimate.
Some of the compromised accounts posted scam emails repeatedly, even after having some of the words deleted. The tweets were described as having been sent using the Twitter web app.
One of the phases implicated in the con was tweeted more than 3,000 times in the time of four hours, with other tweets being sent from addresses linked to many different countries.
When asked by reporters Twitter, circulated a report saying they were indeed aware of a security incident which impacted accounts, and that they were "taking steps to fix it".
Shortly afterwards, it halted the ability for some accounts to tweet, or to reset their password; Although Twitter has not verified which accounts were impeded, however, many users with accounts marked as "verified" have reported that they were unable to tweet.
Not long after, Twitter claimed Vice was contacted by at least four persons claiming to be part of the scam and according to other reports presented Twitter with screenshots confirming they had indeed been able to gain access to a Twitter administration tool which in turn allowed them to alter various account-level settings, including confirmation emails for the accounts, which allowed them or others involved in the scam to achieve control of the account through password and resets
Later the hackers informed Vice they had paid Twitter to get access to the administrative tool to be able to pull the con off; Sources close to Vice corroborated that other security researchers had also been given similar screens and tweets of these screenshots.
This reporter has been told that yes indeed Twitter had removed these accounts because they revealed personal details, later Twitter confirmed that they had detected what they believed to be a synchronised social engineering attack by people who targeted some of their employees. Furthermore, and In addition to the above, Twitter also stated that they would be taking further measures to lock down the affected, verified accounts
Further to the above, our reporters have also been informed that Twitter has also initiated an internal inquiry and have limited employee access to their system administrative tools as they evaluate the situation.
How will it affect you
Affected users will retain the capability to retweet matter, which has led some major companies and leading broadcasting figures like NBC News, to set up temporary non-verified accounts thus allowing them to continue to tweet, or retweet "important updates" on their main accounts only. Joe Biden's campaign, for example, told CNN that they have been in touch with Twitter regarding the issue and that his account had also been "locked-down".
During the event, Twitter's stock fell by 4% once the markets were closed. However, Later Jack Dorsey Twitter CEO tweeted, it was a "tough day for us at Twitter. We all feel horrible that this has happened, adding We are at this moment in time diagnosing all and once finished we will share everything possible once we have a clear understanding of precisely what caused the attack.
Dmitri Alperovitch, the co-founder of cybersecurity company CrowdStrike, described the incident as "the worst hack of a major social media platform yet."
Worldwide breaking News
Thanks to Dmitry Demidko for sharing their work on Unsplash.