16 July 2020

Twitter accounts of Apple, Musk, Gates, Bezos and others hijacked in an unprecedented crypto scam


Twitter accounts of Apple, Musk, Gates, Bezos and others hijacked in an unprecedented crypto scam

The official Twitter accounts of prominent users, including Bill Gates, Apple, Elon Musk, Jeff Bezos, Joe Biden, Barack Obama, Uber, bitcoin specialty firms (Binance, Gemini, Coinbase, Bitfinex, Justin Sun, Charlie Lee and others) were hijacked on Wednesday in a major hacking spree trying to trick people into sending cryptocurrency bitcoin.

The scammers were using hacked accounts to promote a cryptocurrency scheme promising to give away up to 5,000 bitcoins to those sending between 0.1 BTC to 20 BTC to a "contribution" address.

According to Blockchain.com, which monitors transactions made in cryptocurrencies, a total of 12.58 bitcoins, worth almost $116,000, had been sent to the email addresses mentioned in the fraudulent tweets.

"Happy Wednesday! I am giving back Bitcoin to all of my followers. I am doubling all payments sent to the Bitcoin address below. You send 0.1 BTC, I send 0.2 BTC back!" the message that appeared on Musk's Twitter account said.

It also mentioned that the offer was "only going on for 30 minutes."

The fake messages posted on the other high-ranking accounts were of a similar nature.

Twitter disabled the ability to tweet from validated accounts for about two hours while working on a fix. Soon after it began investigating the incident, Twitter said in a series of tweets that the incident appeared to be a coordinated social engineering attack” against some Twitter employees “with access to internal systems and tools.” The company said it was “looking into what other malicious activity [the hackers] may have conducted or information they may have accessed and will share more here as we have it.”

While Twitter is keeping silent on what tools the attackers exploited or how the attack was carried out, Motherboard reported that a Twitter employee was responsible for a of high profile account takeovers. According to the report, in the underground hacking community are being shared screenshots of an internal admin tool allegedly used to hack the accounts, potentially by resetting account email accounts and then recovering passwords.

Motherboard said it has talked to a hacker who said they paid a Twitter employee to change the email addresses of popular accounts using the internal tool so that they could then hijack them.

Back to the list

Latest Posts

Free VPN apps on Google Play turned Android devices into residential proxies

Free VPN apps on Google Play turned Android devices into residential proxies

The threat actor behind this scheme profits by selling access to the residential proxy network to third parties.
28 March 2024
Cyber spies strike Indian government and energy sectors

Cyber spies strike Indian government and energy sectors

The operation involved phishing emails delivering the HackBrowserData info-stealer.
28 March 2024
Spyware makers and state-backed hackers are primary culprits behind rise in zero-day exploits, Google says

Spyware makers and state-backed hackers are primary culprits behind rise in zero-day exploits, Google says

97 zero-day flaws were exploited in-the-wild in 2023, marking an increase of over 50% compared to 2022.
27 March 2024