An as-yet unidentified hacker pulled off quite a heist on Twitter recently. He (or she) gained access to a Twitter Admin account, and used that access to rapidly take control of a number of high-profile Twitter accounts.
Once in control of these accounts, the hacker began using them to lure unsuspecting victims into sending small amounts of bitcoin and other cryptocurrencies.
This was done with the promise of doubling their investment in a very short time. The scam was successful, and the unknown hacker collected more than $100,000 in cryptocurrency.
The hacked accounts included:
- @Apple
- @Bitcoin
- @BarackObama
- @JeffBezos
- @JoeBiden
- @elon_musk
- @BillGates
- @WarrenBuffet
- @uber
- @kanyewest
- @wizkhalifa
- @coinbase
- @Ripple
- @Gemini
- @binance
- @justinsuntron
- @Tronfoundation
- @SatoshiLite
- And more
For Twitter’s part, they detected the unusual account activity quickly and shut it down, locking the impacted accounts and resetting their passwords. Some three hours after the attack began, Twitter reported that functionality had been fully restored to all impacted accounts.
The official announcement from Twitter reads in part as follows:
“We detected what we believe to be a coordinated social engineering attack by people who successfully targeted some of our employees with access to internal systems and tools.”
“We know they used this access to take control of many highly-visible (including verified) accounts and tweet on their behalf. We’re looking into what other malicious activity they may have conducted or information they may have accessed and will share more here as we have it.”
“Internally, we’ve taken significant steps to limit access to internal systems and tools while our investigation is ongoing. More updates to come as our investigation continues.”
There is some speculation that the attack may have been an inside job, but Twitter has so far neither confirmed nor denied that. There is at least some cause for concern here. Current and former Twitter employees have, in the past, been charged with using Twitter’s internal systems to illegally collect information on users, including email addresses, IP addresses and dates of birth.
Time will tell. In the meantime, don’t be taken in by similar-sounding scams asking for small bitcoin or other cryptocurrency “investments” with the promise of spectacular, near-instant returns.