A number of high-profile Twitter accounts, including @bitcoin, @apple and @JefBezos1, were hacked on Wednesday and used to spread a cryptocurrency scam.
In the initial wave of scam posts, @bitcoin, @ripple, @coindesk, @coinbase and @binance were hacked with the same message: “We have partnered with CryptoForHealth and are giving back 5000 BTC to the community,” followed by a link to a website.
The linked website was quickly pulled offline. Kristaps Ronka, chief executive of Namesilo, the domain registrar used by the scammers, told TechCrunch that the company suspended the domain “on the first report” it received.
Apple, Elon Musk, Joe Biden and Bill Gates also saw their accounts hacked. In the hours following the initial scam posts, Kim Kardashian West, Barack Obama, Wiz Khalifa, Warren Buffett, YouTuber MrBeast, Wendy’s, CashApp and Mike Bloomberg also posted the cryptocurrency scam.
The messages included the address of a bitcoin wallet whose balance grew rapidly to more than 12 BTC (more than $118,000) as the scam spread. Tweets with similar messages were repeatedly deleted and re-posted by some of the compromised accounts over the course of Wednesday afternoon.
“The amount of damage this could cause is very high,” said Douglas Schmidt, a computer science professor at Vanderbilt University. “These people could hold information gleaned from the hack for ransom in the future.”
“The likelihood of attacks like this increases when people are working remotely; it is much easier for bad actors to impersonate someone through an email and gain access to their accounts,” said Schmidt. “Assuming this wasn’t someone inside Twitter trying to take revenge, it appears to be a spear phishing attack – someone who has access to admin privileges that can override two-factor authentication and strong passwords fell victim to a hack.”
The hack likely targeted a vulnerability on Twitter’s end rather than the individual account holders, said John Ozbay, the chief executive of privacy and security tool Cryptee.
A Twitter spokesperson, when reached, said the company was “looking into” the matter but didn’t immediately comment.
Update: 16.07.2020
In a series of tweets from Twitter Support on July 15, the help centre confirmed that hackers responsible for the massive breach of high-profile figures’ accounts had conducted a “coordinated social engineering attack” to gain “access to internal systems and tools.”
It seems that Twitter admin accounts have access to messages, sensitive personal information and posting rights. This is not right from a security perspective: an angry employee can do serious damage.
Why was the official Twitter account of Donald Trump not part of the hack? Do the accounts of presidents have a higher level of protection, considering the damage a hack could do to national security?
CyberSecurityMag advises you never to respond to these messages or send any funds, whether they come from highly followed accounts or from your close friends. Hackers usually compromise accounts and then send mass messages to all contacts asking for money.