Hack of the Decade: Shameless Bitcoin Scam or Something Much More Sinister?
Posted on 07-16-2020.
Yesterday, anonymous attackers hacked Twitter accounts of Binance CEO Changpeng Zhao, Bill Gates, Jeff Bezos, Elon Musk, Joe Biden, Barack Obama, Uber, Apple, and many others. They used these accounts to post fraudulent messages promoting the distribution of 5,000 BTC on behalf of a rogue site Cryptoforhealth.
Despite hacking a score of highest-profile celebrity and corporate accounts, hackers were able to swindle the public of a bit over a dozen Bitcoins. Yet as the dust settles the world is about to realize the way more dire implications of this Twitter hack.
This type of scam is certainly not new but it has become increasingly more popular in recent months. Crypto-related Telegram channels are bombarded by screenshots of fake Twitter messages promoting similar giveaway scams.
Scammers even managed
to pull off buying YouTube ads with these messages.
Until recently this scam remained comparatively small scale. Then the hackers hit Twitter.
On July 15, an anonymous group actually hacked a large number of celebrity Twitter accounts and made fake Bitcoin giveaway posts. The exact tally of all affected accounts is not yet available. Among the victims were the world’s most famous entrepreneurs Musk and Bezos, key Democratic party members Biden, Obama, Bloomberg, and global companies like Apple, Uber, Binance.
Most messages followed the same pattern and even the same wording, asking followers to send any amount of Bitcoins to a provided address to receive double the amount back. Obviously, no Bitcoins were ever sent back.
At the moment, the Twitter team, which responded to the hack with a noticeable delay, knows little.
According to Chainalysis, attackers’ main address received about 12.86 BTC (over $120,000) in a course of 375 transactions. There were two more additional addresses that received very modest donations, while nothing was sent to the XRP account.
The most unlucky victim of the scam parted with $40,000 worth of Bitcoins. According to Chainalysis, his wallet has interacted with Japanese exchanges in the past. The rest of the transactions came mainly from exchanges.
Twitter was slow to react and fraudulent posts were allowed to remain unredacted for hours. The exchanges took upon themselves the role of first responders and began blocking transfers to accounts used by the criminals.
Whitestream analysts discovered
that the attackers' addresses had previously interacted with Coinbase cryptocurrency exchange and BitPay and CoinPayments services.
As of now stolen funds are still in motion.
Twitter tech support is still investigating the hack. So far they claimed that it was a coordinated attack that involved not only hacking but also social engineering.
Twitter employees with access to internal systems are said to have been victims of a coordinated social engineering attack. This allowed attackers to take control of many accounts, including verified ones.
The Block analyst Larry Chermak threw together a timeline of the attack, which allowed him to conclude that only one Twitter employee was likely the victim of the hack.
Twitter CEO Jack Dorsey has promised to release the full details as soon as Twitter figures out how the hack was possible.
that an anonymous whistleblower has told Motherboard in a candid interview that Twitter is still unsure whether their employee was a victim of a social engineering attack or helped the hackers on his own accord.
The implication that it could be an inside job feeds into Kim Dotcom’s old “backdoor mantra”.
The Twitter hack in his opinion
vindicated his conspiracy theory as it reveals that “there are government backdoors with god mode that can be abused”. Which makes evidence from email, smartphones, social media is no longer reliable in Court because it can be edited.
The Real Danger Behind the Hack
Some experts were quick to point out that the level of access available, albeit temporary, to the hackers basically allowed them to enter God mode with all possible implications.
Twitter is still trying to figure out the real amount of damage the hackers may yet cause, having attained access to private information and the message history of its users. The distribution of Bitcoins scam could only be a distraction, and the attackers' true goal could very well be precious private data.
Follow us on Twitter and Facebook and join our Telegram channel to know what’s up with crypto and why it’s important.