In The News

Twitter hacked to promote Bitcoin scam in unprecedented attack

Scammers have compromised several high profile Twitter accounts belonging to an array of the most followed celebrities in an unprecedented attack on the social networking platform.

The attack forced Twitter to prevent any verified Twitter account posting on the platform for a number of hours, a move that Twitter has never had to make before.

Scams using the Bitcoin cryptocurrency have always been popular on Twitter. Usually, however, scammers rely on compromising comparatively low profile verified Twitter accounts (often via phishing attacks on the account owners) to post scammy links from those accounts.

That, or scammers create duplicate accounts of high profile celebrities to try and fool Twitter users into clicking dangerous links (but those duplicate accounts will lack the verified blue tick, which often gives the game away to potential victims.)


Sponsored Content. Continued below...




This attack, however, is far more advanced and as such, far more successful. That seems to be largely because the attack has compromised Twitters own internal tools meant for its own employees, which appears to have allowed scammers to post scam links from high profile accounts without having to compromise the security of those accounts directly, such as the account password or 2FA.

Twitter posted –

We detected what we believe to be a coordinated social engineering attack by people who successfully targeted some of our employees with access to internal systems and tools.

That explains why accounts with good protection – including two factor authentication (2FA) – have been affected. Scammers have effectively used a “back door” that appears to have allowed them to bypass the security of individual Twitter accounts.

Accounts belonging to Kanye West, Joe Biden, former President Obama, Elon Musk, Bill Gates, Jeff Bezos and Kim Kardashian – among the most followed accounts on the platform – were all affected, and posted scam links to their hundreds of millions of collective followers.

Accounts belonging to Joe Biden and Kanye West were among those affected.

What the scam?

The scam itself isn’t new, and we often see it on Twitter, only in a far less visible and convincing fashion. The scam itself is in fact stunningly simple. The scammers – posing as celebrities or verified Twitter users – claim to be giving away crypto currency, just as long as a person sends them some money upfront.

The scammers often claim to be able to return double, triple or even quadruple the amount of money given to them. Of course, they don’t. They just pocket the money sent to them and run.


Sponsored Content. Continued below...




Scammers are estimated to have pocketed over $120,000 in crypto currency.

How to avoid this scam?

Simply put, if it appears too good to be true, it probably is. If you see an account offering free money, whether its verified or not, there is a good chance it’s a scam, especially if you have to pay money upfront.

Twitter has said they are working on how scammers managed to compromise their platform, but it is likely given the scale of the attack, a number of investigation and government enquiries will take place in the future to determine how the attack happened and to make sure it doesn’t happen again.

Share
Published by
Craig Haley