Target Claims Bitcoin Scam Tweet Came Through Hacked Third-Party Provider

Kevin O'Brien

Retail giant Target has provided some additional context about how they were the victims of cryptocurrency scammers on Twitter. As reported, the hackers managed to Tweet about a fraudulent bitcoin giveaway scheme on November 13 from their official account.

The company released a Twitter statement a bit later detailing how its account was “inappropriately accessed” for about 30 minutes until staffers were able to regain control.  

Now, according to reporting from TheNextWeb, Target asserted the scam Tweet came after the hackers got control over a third-party software provider, and not the company’s actual account.

A New Twist In The Bitcoin Scam Saga

According to an email from a Target spokesperson, the cybercriminals managed to get access to a company marketing the vendor's Twitter handle. This gave them the ability to post on Target’s behalf to its 1.92 million followers. Target did not say who the vendor was, but noted they have “implemented a number of security measures to re-secure their account.”

The Target hack is the latest in a number of successful operations by cybercriminals who have managed to post fraudulent crypto giveaway links from a number of social media profiles. Speculation, according to TheNextWeb, points to hackers being able to wrestle control away from the administrators of a third-party application that had authorization to post from a large number of accounts.    

A Rash Of High-Profile Hacks

Over the last few weeks, hackers have taken over a number of verified accounts to send out scam postings to try and attempt to collect cryptocurrency. CryptoGlobe wrote about scammers who managed to accrue about $39,000 after impersonating Tesla’s Elon Musk. The Musk scam was notable because the tweet was promoted by Twitter itself, who allegedly has a vetting process for these types of posts.

Just a couple of days ago, Google’s G Suite also fell victim to a cryptocurrency hacking scam after cybercriminals sent out a fake bitcoin giveaway tweet. It had many similarities to the fake Musk Tweet, and seemed to signify that crypto-scammers were becoming increasingly savvy with their schemes on Twitter.

Browser Extentions Are Trying to Steal Your Bitcoin, Says Casa CEO

Will Heasman

Casa CEO, Jeremy Welch has expressed concerns about, malicious browser extensions, noting that some may pose a risk to users' bitcoin holdings. 

Addressing a crowded conference room during this weekend's Baltic Honeybadger meeting in Riga, Welch urged proper due diligence when it came to bitcoin and browser security. 

Browser extensions impose major risks, and these risks haven’t been discussed until this point... Make sure you don’t expose your bitcoin addresses anywhere.

Somewhat unbeknownst to any casual peruser of the internet, dangers lurk around pretty much any URL. Browser extensions are perhaps the most insidious element, containing trackers to monitor user information and gather data. While these may not necessarily be menacing in themselves, they can provide scammers with a great resource to expose users to further threat. 

Speaking further on the matter, Welch elaborated on several examples, including a seemingly harmless extension that provides wallpapers depicting motivational quotes. In reality, this outwardly innocuous add-on is actually malware stealing KYC data as you fill in online compliance forms. Such threats can appropriate identification such as passports via code which is later portrayed as a graphic depiction.  

You got a nice background here, and you don’t realize that your browser is actually dumping data

Moreover, Welch explained how some extensions allow the diversion of funds, altering a receiving address and channeling it to the hacker's own.

Even if wallpaper apps aren't your thing, you may be surprised to learn that Welch highlighted more mainstream iterations, such as editing app, Grammarly, as well as the Joule extension for lightning transactions.  

The issues remain that there is no real way to know which browsers are dependable and which are not. As Welch notes, something as simple as a software update could prove to destabilize the security of a browser extension and provide access for bad actors. 

Featured Image Credit: Photo via