Hackers have managed to access Twitter’s “internal systems and tools,” and used their access to compromise some of the most popular accounts on the social network and promote a bitcoin scam. Some experts warn that scam may, however, have been a cover for something worst.
As CryptoGlobe reported, hackers have compromised the accounts of high-profile figures and organizations, including those of apple, Uber, Bill Gates, Barack Obama, Joe Biden, Coinbase, CoinDesk, Binance, and Elon Musk. These accounts tweeted out a fake BTC giveaway that promised users they would double their funds if they sent them BTC.
[THREAD] Here's what we know so far about today’s #Twitterhack & #Bitcoinscam. As of now, the scam’s main BTC address (bc1…0wlh) received ~$120k in donations in 375 transactions. No funds have been cashed out at exchanges yet. pic.twitter.com/Jg9og3CFCz
— Chainalysis (@chainalysis) July 16, 2020
Cryptocurrency-related scams have been a known issue on Twitter, with scammers impersonating popular cryptocurrency figures to try users into entering fake giveaways. The scammers have since expanded to use YouTube and other social networks, although no attack of this scale has been seen before.
The hack seemingly managed to make around $120,000 worth of BTC, an amount some experts deem small for the coordinated effort put into hacking Twitter. The microblogging platform revealed it was targeted by a “coordinated social engineering attack by people who successfully targeted some of our employees with access to internal systems and tools.”
The fact the hackers managed to access Twitter’s internal systems suggested to some the hackers may have abused the access before promoting the fake cryptocurrency giveaway. Twitter said it was looking into other potential malicious activity in its security update.
We know they used this access to take control of many highly-visible (including verified) accounts and Tweet on their behalf. We’re looking into what other malicious activity they may have conducted or information they may have accessed and will share more here as we have it.
— Twitter Support (@TwitterSupport) July 16, 2020
While the microblogging platform claims the hackers gained access through a social engineering attack, a report published by Motherboard with an unverified interview with the hackers suggests they convinced a Twitter employee to help them hijacked the accounts
Take the circumstances into account various security experts claimed the attack could have been a “distraction” from something worse. Michael Borohovski, director of software at security firm Synopsys, told The Independent:
If the hackers do have access to the backend of Twitter, or direct database access, there is nothing potentially stopping them from pilfering data in addition to using this tweet-scam as a distraction.
Twitter user data could, for example, be sold on the dark web for more cryptocurrency. As reported, hackers are currently trying to sell the data of 142 million MGM Resorts guests for either BTC or XMR.