Twitter hacked – Insiders put social media giants at risk
On July 15, the Twitter accounts of several high-profile cryptocurrency exchanges, public figures and various other entities were taken over by hackers advertising a Bitcoin doubler scam.
Shortly after 12 p.m. PST, the Twitter accounts for AngeloBTC, Binance, Binance CEO Changpeng Zhao, CoinDesk, Coinbase, Gemini, Kucoin and Tron founder Justin Sun were most likely taken over by the same person. Each of these accounts posted or retweeted:
“We have teamed up with CryptoForHealth and are giving 5000 BTC back to the community.
See more here: http://cryptoforhealth.com”
Figures 1a and 1b: Sample tweets from the Bitfinex and Kucoin accounts.
These tweets have since been deleted and the Cryptoforhealth website is now offline.
The website claimed to be running a giveaway of 5,000 BTC, promising that CryptoForHealth would return double the amount to anyone who sent between 0.1 BTC and 20 BTC to the posted address. This is a typical Bitcoin doubler scam that results in the sender losing all of their Bitcoin. The address given by the scammers is bc1qxy2kgdygjrsqtzq2n0yrf2493p83kkfjhx0wlh.
After the first wave of tweets, several other accounts were compromised, including Jeff Bezos, Uber, Barack Obama, Joe Biden, and Elon Musk. The tweets from these compromised accounts promoted the Bitcoin doubler scam directly and contained the BTC deposit address instead of redirecting victims to a website. As a result, the amount of Bitcoin in the specified address skyrocketed.
Figures 2a and 2b: Screenshots of the compromised Twitter accounts of Democratic presidential candidate Joe Biden and Israeli Prime Minister Benjamin Netanyahu promoting the fraud.
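A moderation-side check for the pattern described above (a post that pairs giveaway or doubling language with a deposit address), as an added example that is not part of the original report. It assumes only Bech32 "bc1q" addresses need to be caught; the function names, the lure wording list and the sample post are constructed for illustration.

```python
import re

# Bech32 checksum per BIP173; "bc1q..." (witness v0) addresses use constant 1.
CHARSET = "qpzry9x8gf2tvdw0s3jn54khce6mua7l"
GEN = (0x3B6A57B2, 0x26508E6D, 0x1EA119FA, 0x3D4233DD, 0x2A1462B3)

def bech32_v0_valid(addr: str) -> bool:
    """True if addr is a mainnet 'bc1q' address with a correct Bech32 checksum."""
    addr = addr.lower()
    if not addr.startswith("bc1q") or any(c not in CHARSET for c in addr[3:]):
        return False
    hrp = "bc"
    # Expanded human-readable part, then the 5-bit data values after "bc1".
    values = [ord(c) >> 5 for c in hrp] + [0] + [ord(c) & 31 for c in hrp]
    values += [CHARSET.index(c) for c in addr[3:]]
    chk = 1
    for v in values:
        top = chk >> 25
        chk = ((chk & 0x1FFFFFF) << 5) ^ v
        for i in range(5):
            if (top >> i) & 1:
                chk ^= GEN[i]
    return chk == 1

# Assumed lure wording, modelled on the tweets and site described above.
LURE = re.compile(r"giving\s+.*back|doubl|send\s+.*(btc|bitcoin)|giveaway", re.I)
ADDR = re.compile(r"\bbc1[0-9a-z]{20,80}\b", re.I)

def flag_doubler_post(text: str) -> list[str]:
    """Return checksum-valid deposit addresses found in a post that also
    uses giveaway/doubling language; an empty list means not flagged."""
    if not LURE.search(text):
        return []
    return [a for a in ADDR.findall(text) if bech32_v0_valid(a)]

# Constructed sample post using the deposit address quoted in this report.
SAMPLE_POST = ("Feeling generous: all Bitcoin sent to my address will be sent "
               "back doubled. bc1qxy2kgdygjrsqtzq2n0yrf2493p83kkfjhx0wlh")

if __name__ == "__main__":
    print(flag_doubler_post(SAMPLE_POST))
```

Validating the checksum before flagging keeps random "bc1..." strings and mistyped addresses from generating alerts; legacy Base58 addresses would need a separate Base58Check validator.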
The full list of addresses can be found below.
Most of the Bitcoin went to bc1qxy2kgdygjrsqtzq2n0yrf2493p83kkfjhx0wlh. By 6:30 p.m. PST, that address had received 12.86204920 BTC and had sent out all but 0.00859729 BTC. bc1qxy2kgdygjrsqtzq2n0yrf2493p83kkfjhx0wlh, very roughly $125,000 from over 430 victims at the time of this report:
1Ai52Uw6usjhpcDrwSmkUvjuqLpcznUuyF (7.40 BTC)
bc1qjjcc4ylp9yfn04m34wzlscp5q2rpyu89rmqslf (4.29 BTC)
bc1q5w26m2g5ja4jzplpj7p93enf6r4yjcnc5yea6s (0.76 BTC)
bc1q6l86kvwg4kr75w5ac9j30dn8363kcr8rde35dn (0.54 BTC)
bc1q4089hk7vu47qlwcf4tjthwgw8l7yz72hpkg3k4 (0.54 BTC)
Figure 3: An example of the hacker consolidating multiple UTXOs (all of which represent payments from different victims) into new BTC addresses.
At the time of this report, the funds had not been moved to cryptocurrency exchanges or other fiat off-ramps. CipherTrace continues to monitor the hacker’s address for movement.
Cause of the Twitter breach
Twitter Support believes that the cause of the breach was “a coordinated social engineering attack by people who have successfully targeted some of our employees with access to internal systems and tools.” Twitter is investigating what other malicious activity the hackers may have carried out and what information they may have accessed. Twitter says it has taken significant steps to restrict access to internal systems while the investigation continues and will continue to inform the public of its findings.
Crypto users are becoming more careful with scams
While exploiting trust markers such as multiple verified Twitter accounts was a smart way to fool users into believing the Bitcoin doubler scam was legitimate, the amount the hacker pocketed was tiny compared to the vast reach of the compromised accounts. This could be attributed to two main factors: proper AML practices at exchanges prevented new users from sending coins to the hackers while the fraud was at its peak, and crypto users are better informed about common crypto scams.
It is likely that most of the victims of the scam already had accounts with crypto exchanges, as it would be almost impossible to open an account with a reputable exchange, deposit funds and transfer them out within a day, even through ACH transfers. Exchanges where users could open accounts faster would typically require fiat deposits by wire transfer, not ACH. These accounts could not trade cryptocurrencies until the wires cleared, which can take up to three days. This likely prevented the hacker from taking advantage of those who did not own cryptocurrency or have accounts with exchanges.
The limited amount of funds the hacker actually received, despite compromising prominent crypto-related Twitter accounts, also shows the ability of crypto users to spot common scams. Bitcoin doubler scams are widely spread by criminals through social media. Compromising multiple trusted crypto-related accounts is a new twist, but many users did not fall for it. In total, the Twitter hacker stole $125,000 from over 430 victims, most of it after compromising many high-profile, non-crypto-related accounts. It is likely that the followers of those accounts were less familiar with this kind of crypto scam.
List of hacked accounts
- Charlie Lee
- Justin Sun
- Barack Obama
- Benjamin Netanyahu
- Bill Gates
- Elon Musk
- Jeff Bezos
- Joe Biden
- Kanye West
- Kim Kardashian West
- Mike Bloomberg
- Twitter support
* Twitter Hack Update – Fraudulent funds traced back to exchanges and mixed services