Twitter has been under attack by hackers recently, who managed to scam Bitcoin from users, by using verified accounts. This attack managed to gain access to various verified accounts, including Elon Musk, Bill Gates, Barack Obama, Kanye West, Apple, and so on.
Each of those accounts sent the same message to users. It promised to double the amount of Bitcoin sent to a given address. The thing is, it won’t of course, because this is a scam.
This Twitter scan used verified accounts to gain Bitcoin
Many users fell for it, and sent their Bitcoin, hoping they’ll get double back. Well, if you did that, your money is as good as gone, basically. Bitcoin transactions can’t exactly be tracked as you would regular ones, so… it’s gone with the wind.
Everything happened really fast. Twitter acknowledged the issue, and its ‘Twitter Support’ handle offered more insight into it. The company said that it detected a “coordinated social engineering attack”.
That attack was targeted some of Twitter’s employees “with access to internal systems and tools”. The attackers used this access to take control of “many highly-visible (including verified) accounts and Tweet on their behalf”.
Twitter did block all verified accounts from tweeting, for security purposes, as it continued to investigate the issue. It also removed all such tweets that asked for Bitcoin.
Soon after that, the company returned tweeting privileges to such accounts, so we presume that the issue has been fixed.
Additionally, TechCrunch reported that a hacker named “Kirk” contacted forum posters on OGUsers, saying he needed help selling stolen vanity usernames. OGUsers is a site visited by people who trade in popular social media handles.
TechCrunch’s source says that it’s quite unlikely that a Twitter employee was involved, but “Kirk” gained access to internal tools regardless, and managed to disrupt everything.
The company is still investigating the attack
Twitter said that it is still investigating “what other malicious activity they may have conducted or information they may have accessed”. Considering the reach of this hack, who knows what the hacker(s) may have accessed.
This was a well-organized attack, and unfortunately, many users fell for the scam before it was relieved, Those users’ Bitcoin is probably lost forever, unfortunately.
Be very careful to whom you send your Bitcoin to. This was quite fishy from the get-go, but many people didn’t think twice considering that the offer came from well-known, verified accounts.