Target Claims Bitcoin Scam Tweet Came Through Hacked Third-Party Provider

Kevin O'Brien

Retail giant Target has provided some additional context about how they were the victims of cryptocurrency scammers on Twitter. As reported, the hackers managed to Tweet about a fraudulent bitcoin giveaway scheme on November 13 from their official account.

The company released a Twitter statement a bit later detailing how its account was “inappropriately accessed” for about 30 minutes until staffers were able to regain control.  

Now, according to reporting from TheNextWeb, Target asserted the scam Tweet came after the hackers got control over a third-party software provider, and not the company’s actual account.

A New Twist In The Bitcoin Scam Saga

According to an email from a Target spokesperson, the cybercriminals managed to get access to a company marketing the vendor's Twitter handle. This gave them the ability to post on Target’s behalf to its 1.92 million followers. Target did not say who the vendor was, but noted they have “implemented a number of security measures to re-secure their account.”

The Target hack is the latest in a number of successful operations by cybercriminals who have managed to post fraudulent crypto giveaway links from a number of social media profiles. Speculation, according to TheNextWeb, points to hackers being able to wrestle control away from the administrators of a third-party application that had authorization to post from a large number of accounts.    

A Rash Of High-Profile Hacks

Over the last few weeks, hackers have taken over a number of verified accounts to send out scam postings to try and attempt to collect cryptocurrency. CryptoGlobe wrote about scammers who managed to accrue about $39,000 after impersonating Tesla’s Elon Musk. The Musk scam was notable because the tweet was promoted by Twitter itself, who allegedly has a vetting process for these types of posts.

Just a couple of days ago, Google’s G Suite also fell victim to a cryptocurrency hacking scam after cybercriminals sent out a fake bitcoin giveaway tweet. It had many similarities to the fake Musk Tweet, and seemed to signify that crypto-scammers were becoming increasingly savvy with their schemes on Twitter.

IOTA Foundation to Reopen Mainnet by March 2 after $2 Million Hack

The IOTA Foundation, the non-profit organization behind the IOTA network, has announced it plans to reactivate the IOTA Network by March 2 after halting it over a $2 million hack.

According to the non-profit organization, it’s working on creating transition tools for users to transfer funds from their existing wallets to new ones so they can avoid any further losses and bring the network back online.

As CryptoGlobe reported, the IOTA Foundation turned off its Coordinator node, which is responsible for validating individual transactions on the network, earlier this month after users started reporting their funds were being stolen from the Trinity wallet, a wallet designed by the Foundation.

Since it turned the coordinator off, it has been working with law enforcement agencies, including the German Center for Cybercrime and the U.S. Federal Bureau of Investigation, to identify the cause. A total of “8.55 Ti”, or $2.3 million worth of IOTA tokens were lost.

In a post-mortem report, the Foundation detailed the vulnerability was the result of an integration with a fiat-to-crypto onramp platform called MoonPay that was being used with the Trinity wallet. Its investigation found a hacker was able to take over MoonPay’s content distribution network, and using it infiltrated the Trinity Wallet to distribute malicious Software Development Kits (SDKs).

The Foundation’s internal analysis of affected Trinity caches found irrefutable proof that they had been compromised with one of several illicit versions of Moonpay’s software development kit (SDK), which was being loaded automatically from Moonpay’s servers (their content delivery network) when a user opened Trinity.

The attacker, according to the Foundation, made sure he avoided triggering cryptocurrency exchanges’ know-your-customer (KYC) checks when sending funds to cash out, keeping the threshold below $10,000.

The IOTA Foundation was, according to the report, only able to identify 50 victims from the attack, and doesn’t know exactly how many users were affected by the attack. As such, it’s asking those who used the Trinity desktop wallet to use a migration tool.

The organization’s move to shut down the Coordinator node and essentially bring the mainnet to a halt was a controversial one, as various cryptocurrency users are now on social media claiming the IOTA network is centralized.

Featured image via Pixabay.