The popular social networking platform Twitter suffered one of the biggest cyber assaults of all time.
This Wednesday, a number of leading Twitter accounts were hacked simultaneously in a far-reaching effort to promote a cryptocurrency scam. Among the breached accounts are those of U.S. presidential candidate Joe Biden, Amazon’s CEO Jeff Bezos, Elon Musk, Bill Gates, Uber and Apple.
The attack consisted of publishing similarly worded messages that encouraged the millions of followers of the breached accounts to send money to a given Bitcoin wallet in return for a greater payback.
“Everyone is asking me to give back, and now is the time,” said a tweet from the breached account of Bill Gates. “You send $1,000, I send you back $2,000.”
According to Twitter, the incident is a “coordinated social engineering attack” aimed at its employees who have access to internal tools.
The scammers are estimated to have collected nearly $120,000 in Bitcoin so far, indicating that a lot of unsuspecting users have fallen for the scam.
In a series of tweets, Twitter explained that it is investigating the incident and has taken major measures to restrict access to internal systems and tools. It is not yet clear who is behind the breach of the high-profile Twitter accounts and how the attackers could have gained access to direct messaging from the compromised accounts.
The assault seems to have been aimed initially at accounts related to cryptocurrency platforms, such as Bitcoin, CoinDesk, Ripple, Coinbase, Gemini, and Binance. All of these platforms had their Twitter accounts hacked with the very same message, which stated the following:
“We have partnered with CryptoForHealth and are giving back 5000 BTC to the community.” The message was accompanied by a URL leading to a phishing website that has now been taken down.
Notably, the hacked Twitter accounts of Elon Musk, Apple, Uber and Mike Bloomberg all published tweets with the exact same Bitcoin wallet address as the one on the CryptoForHealth page.
Soon after the attack became apparent, Twitter deleted the fraudulent tweets from the breached accounts and temporarily stopped a number of verified accounts from tweeting at all. This extraordinary measure was needed to limit the spread of the attack.
Twitter account breaches have happened before, but this is the first time account hijacking has happened at such a scale. There is speculation that, in this particular attack, the hackers probably took control of a Twitter employee's administrative access in order to tweet on behalf of specific accounts without actually hacking their passwords or two-factor authentication.
Security researchers have revealed that the perpetrators had not only taken over the victims’ accounts but had also altered the account email addresses to make it more complicated for the real owners to restore access.
Considering the speed and global scope of the Twitter cryptocurrency scam campaign, security professionals assume that the harm might have been much more serious. Yet the way the attack was performed indicates that the hackers' motive was probably simply to launch a quick money-making scam.
In relation to the Twitter incident, the San Francisco field office of the FBI advises the public not to fall victim to the fraud by sending cryptocurrency or money in response to the scam.