On 16 July, Wednesday, Twitter faced most likely the worst attack ever. Many verified and influential accounts were hacked and used to solicit Bitcoin. The hacked accounts sent out tweets promising to double the money sent to a particular BTC address.
Tesla CEO, Elon Musk was one of the first who tweeted about this “Twitter hacked” scam. The hackers had taken control of Musk’s Twitter handle. Furthermore, the now-deleted tweet read like this, “Feeling grateful, doubling all payments sent to my BTC address! You send $1,000, I send back $2,000! Only doing this for the next 30 minutes.”
Even after deleting this particular post, similar posts kept appearing on his handle. That is when Twitter temporarily revoked the messaged publishing rights of some of the verified accounts. And this happened to many top crypto influencers and company Twitter accounts too. The list of crypto accounts included Changpeng Zhao (CZ), Binance, Kucoin, Justin Sun, Gemini, and Coinbase.
These messages also mentioned a bitcoin wallet address. When tracked the wallet had accumulated more than $100,000 (11 BTC) as the scam spread.
Twitter – A Tough Day
Twitter CEO, Jack Dorsey, expressed grave concern over this episode of “Twitter hacked”. He tweeted that the team is investigating the situation and is working on understanding what happened. Meanwhile, the social media giant has restored access to the verified accounts. However, it has internally limited access to tools like password reset and more.
According to the recent tweet, Twitter detected it could be a coordinated social engineering attack a group. Furthermore, it mentions the group must have successfully targeted Twitter employees. Using their credentials they must have gained access to internal systems and tools.
As per the reports all the targeted Twitter accounts had millions of followers. Apart from the ones mentioned above, accounts of Joe Biden, Barack Obama, Jeff Bezos, rapper Kanye West, Bill Gates, reality TV star Kim Kardashian, media billionaire Mike Bloomberg, and corporate accounts of Uber and Apple were also targeted.
What could it be?
Undoubtedly, it was not a regular hack that targets a phone or an account. Some of the impacted Twitter users reported that they were using very strong passwords and had turned on 2FA (two-factor authentication).
Meanwhile, BBC reported that some of the malicious tweets directed users to a web address cryptoforhealth.com. The registered web address belongs to “Anthony Elias” who used email id firstname.lastname@example.org.
Notably, Cryptoforhealth owns an Instagram handle too. The account looks suspicious as its description reads “It was us”. The same profile posted a message that read, “It was a charity attack your money will find its way to the right place.”