Bitcoin scam Taking over Twitter


The Twitter accounts of several prominent companies and celebrities, including Obama, Biden, Uber, Apple, Musk, and others, were hijacked today in an effort to scam some of their millions of followers out of their hard-earned bitcoin. It’s by far the most widespread Twitter hack we’ve seen, even if the accounts were quickly restored to normal.

The messages varied in their exact wording but generally followed a similar format. For example, Elon Musk’s tweet read:

“Feeling grateful, doubling all payments sent to my BTC address!

You send $1,000, I send back $2,000!

Only doing this for the next 30 minutes.”

All tweets featured the same Bitcoin address. Meanwhile, several accounts for major cryptocurrency companies featured fake tweets announcing a partnership with an organization called ‘Crypto for Health.’
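The pattern described above, one Bitcoin address appearing in tweets from many unrelated accounts within minutes, is something a monitoring pipeline can flag. The following Python is an added example, not part of the original article or of any Twitter tooling; the post tuples, account names, thresholds and addresses are constructed, and it assumes legacy Base58Check addresses only.

```python
import hashlib
import re
from collections import defaultdict

B58 = "123456789ABCDEFGHJKLMNPQRSTUVWXYZabcdefghijkmnopqrstuvwxyz"
CANDIDATE = re.compile(r"\b[13][1-9A-HJ-NP-Za-km-z]{25,34}\b")  # legacy-style strings

def checksum(payload):
    return hashlib.sha256(hashlib.sha256(payload).digest()).digest()[:4]

def b58check_encode(payload):
    """Build a Base58Check address; used here only to construct sample data."""
    raw = payload + checksum(payload)
    n, out = int.from_bytes(raw, "big"), ""
    while n:
        n, r = divmod(n, 58)
        out = B58[r] + out
    return "1" * (len(raw) - len(raw.lstrip(b"\x00"))) + out

def is_valid_address(addr):
    """Decode Base58 and verify the 4-byte double-SHA256 checksum."""
    n = sum(B58.index(c) * 58 ** i for i, c in enumerate(reversed(addr)))
    zeros = len(addr) - len(addr.lstrip("1"))  # each leading '1' is a zero byte
    raw = b"\x00" * zeros + n.to_bytes((n.bit_length() + 7) // 8, "big")
    return len(raw) == 25 and raw[-4:] == checksum(raw[:-4])

def shared_address_alerts(posts, min_accounts=3, window_s=1800):
    """Map each address posted by >= min_accounts accounts within window_s to them."""
    seen = defaultdict(list)  # address -> [(timestamp, account)]
    for ts, account, text in posts:
        for addr in set(CANDIDATE.findall(text)):
            if is_valid_address(addr):  # drops look-alike strings and typos
                seen[addr].append((ts, account))
    alerts = {}
    for addr, hits in seen.items():
        hits.sort()
        for i, (start, _) in enumerate(hits):
            accounts = {a for t, a in hits[i:] if t - start <= window_s}
            if len(accounts) >= min_accounts:
                alerts[addr] = sorted(accounts)
                break
    return alerts

SCAM = b58check_encode(b"\x00" + bytes(range(1, 21)))     # constructed address
DONATE = b58check_encode(b"\x00" + bytes(range(21, 41)))  # constructed address
POSTS = [(1000, "@celebrity_a", f"Doubling all payments sent to my BTC address! {SCAM}"),
         (1060, "@company_b", f"You send $1,000, I send back $2,000! {SCAM}"),
         (1200, "@politician_c", f"Only doing this for the next 30 minutes. {SCAM}"),
         (1300, "@charity_d", f"Donations welcome at {DONATE}")]  # constructed posts
```

Calling `shared_address_alerts(POSTS)` returns only the address shared by the three unrelated accounts; the single-account donation address does not trigger an alert.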

Though it can’t be determined for certain given the blocked-out characters, the hackers appear to have changed the recovery addresses to addresses at the encrypted email service ProtonMail. That could certainly complicate investigation efforts, considering the service prides itself on the fact that even it “cannot decrypt and read your emails.”

While it’s hard to imagine such blatant scam messages would lead to much profit for the scammers, the wallet address does, in fact, show that transactions are happening. As pointed out by a Twitter user, the wallet is active, although it’s not clear how many of the transactions are from people who have been duped versus from the scammers themselves, in an attempt to make the address appear legit.

 

Response to Control

Twitter earlier had to take the extraordinary step of stopping many verified accounts marked with blue ticks from tweeting altogether.

Password reset requests were also being denied and some other "account functions" disabled.

By 20:30 EDT (00:30 GMT Thursday) users with verified accounts started to be able to send tweets again, but Twitter said it was still working on a fix.

Dmitri Alperovitch, who co-founded cyber-security company CrowdStrike, said:

"This appears to be the worst hack of a major social media platform yet."

On the official account of Mr. Musk, the Tesla and SpaceX chief appeared to offer to double any Bitcoin payment sent to the address of his digital wallet "for the next 30 minutes".

"I'm feeling generous because of Covid-19," the tweet added, along with a Bitcoin link address.

The tweets were deleted just minutes after they were first posted.

Bitcoin scams like these have persisted on Twitter for years, but this one is unprecedented: the actual accounts of public figures were hijacked, and on a large scale. The fact that so many different users have been compromised at the same time implies that this is a problem with Twitter's platform itself.

Early suggestions are that someone has managed to get hold of some sort of administration privileges and bypassed the passwords of pretty much any account they want.

With so much power at their fingertips the attackers could have done a lot more damage with more sophisticated tweets that could have harmed an individual or organisation's reputation.

But the motive seems to be clear - make as much money as quickly as they can. The hackers would have known that the tweets wouldn't stay up for long so this was the equivalent of a "smash and grab" operation.

There are conflicting accounts of how much money the hackers have made and even when a figure is settled upon, it's important to remember that cyber-criminals are known to add their own funds into their Bitcoin wallets to make the scam seem more legitimate.

Cameron Winklevoss, who was declared the world's first Bitcoin billionaire in 2017 along with his twin brother Tyler, tweeted a message on Wednesday warning people not to participate in the ‘scam’.

The Twitter accounts targeted all have millions of followers.

Last year, Twitter chief executive Jack Dorsey's account was hacked, but the company said it had fixed the flaw that left his account vulnerable.

The FBI's San Francisco field office put out a statement on Wednesday about the latest cyber-breach.

"The accounts appear to have been compromised in order to perpetuate cryptocurrency fraud," it said.

CRYPTOCURRENCY FRAUDS

Although cryptocurrency transactions are anonymous, the transactions may be posted to a public ledger, like Bitcoin’s blockchain. A blockchain is a public list of records that shows when someone transacts with cryptocurrency. Depending on the cryptocurrency, the information added to the blockchain can include the transaction amount. It can also include the sender’s and recipient’s wallet addresses: long strings of numbers and letters, each linked to a digital wallet that stores cryptocurrency. Both the transaction amount and the wallet addresses could be used to identify the actual people involved.

Cryptojacking

Cryptojacking is when scammers use your computer or smartphone’s processing power to “mine” cryptocurrency for their own benefit, and without your permission. Scammers can put malicious code onto your device simply by your visiting a website. Then they can help themselves to your device’s processor without you knowing.

If you notice that your device is slower than usual, burns through battery power quickly, or crashes, your device might have been cryptojacked. Here is what to do about it:

  • Close sites or apps that slow your device or drain your battery.
  • Use antivirus software, set software and apps to update automatically, and never install software or apps you do not trust.
  • Do not click links without knowing where they lead and be careful about visiting unfamiliar websites.
  • Consider a browser extension or ad blocker that can help defend against cryptojacking. But do your research first. Read reviews and check trusted sources before installing any online tools. Some websites may keep you from using their site if you have blocking software installed.

Bitcoin prices have been hovering around $9,000 for quite a few days making it a lucrative investment opportunity. The biggest challenge with the Bitcoin industry across the globe is regulation. There is still a long way for Bitcoin to become part of the common man's general investment portfolio.

Ashish Agarwal, Founder at Bitbuddy (a Bitcoin marketplace start-up) said, “The governments themselves have a lot of complexity in regulating Bitcoin but they can regulate the exchanges and other crypto service providers. As far as Bitcoin scams are concerned, one should always stay away from any type of lucrative schemes. Before giving any money to a website/mobile app, know the company and founders before. Read about them, check their recognition.”

This time, Twitter suspects there could be more malicious activity on the part of the hackers, who took control of popular Twitter user accounts via the employee access route. “We know they used this access to take control of many highly-visible (including verified) accounts and Tweet on their behalf. We’re looking into what other malicious activity they may have conducted or information they may have accessed and will share more here as we have it,” says Twitter. Considering how successful this scam was in terms of the transactions made to the BTC account, it is very likely that direct messages were also sent as part of the hack.

The scale of this hack, testified by the $118,211.37 amount tracked to this scam account, is perhaps best understood by the fact that Twitter, as one of its first measures, blocked the ability to tweet. That is Twitter shutting down Twitter, for a significant amount of time.

It is going to be very hard to catch the criminals by following the money. Law enforcement, as well as many angry users, will have some strong questions for Twitter about how this could have happened.