Retail giant Target has provided some additional context about how they were the victims of cryptocurrency scammers on Twitter. As reported, the hackers managed to Tweet about a fraudulent bitcoin giveaway scheme on November 13 from their official account.
The company released a Twitter statement a bit later detailing how its account was “inappropriately accessed” for about 30 minutes until staffers were able to regain control.
Early this morning, our Twitter account was inappropriately accessed. The access lasted for approx. half an hour & one fake tweet was posted during that time about a bitcoin scam. We have regained control of the account, are in close contact with Twitter & are investigating now.— Target (@Target) November 13, 2018
Now, according to reporting from TheNextWeb, Target asserted the scam Tweet came after the hackers got control over a third-party software provider, and not the company’s actual account.
A New Twist In The Bitcoin Scam Saga
According to an email from a Target spokesperson, the cybercriminals managed to get access to a company marketing the vendor's Twitter handle. This gave them the ability to post on Target’s behalf to its 1.92 million followers. Target did not say who the vendor was, but noted they have “implemented a number of security measures to re-secure their account.”
The Target hack is the latest in a number of successful operations by cybercriminals who have managed to post fraudulent crypto giveaway links from a number of social media profiles. Speculation, according to TheNextWeb, points to hackers being able to wrestle control away from the administrators of a third-party application that had authorization to post from a large number of accounts.
A Rash Of High-Profile Hacks
Over the last few weeks, hackers have taken over a number of verified accounts to send out scam postings to try and attempt to collect cryptocurrency. CryptoGlobe wrote about scammers who managed to accrue about $39,000 after impersonating Tesla’s Elon Musk. The Musk scam was notable because the tweet was promoted by Twitter itself, who allegedly has a vetting process for these types of posts.
Just a couple of days ago, Google’s G Suite also fell victim to a cryptocurrency hacking scam after cybercriminals sent out a fake bitcoin giveaway tweet. It had many similarities to the fake Musk Tweet, and seemed to signify that crypto-scammers were becoming increasingly savvy with their schemes on Twitter.