Article 55RRZ Apple, Biden, Musk and other high-profile Twitter accounts hacked in crypto scam

Apple, Biden, Musk and other high-profile Twitter accounts hacked in crypto scam

by
Zack Whittaker
from Crunch Hype on (#55RRZ)

A number of high-profile Twitter accounts were simultaneously hacked on Wednesday by attackers who used the accounts - some with millions of followers - to spread a cryptocurrency scam.

Apple, Elon Musk and Joe Biden were among the accounts compromised in a broadly targeted hack that remained mysterious hours after taking place. Those accounts and many others posted a message promoting the address of a bitcoin wallet with the claim that the amount of any payments made to the address would be doubled and sent back - a known cryptocurrency scam technique.

In the hours following the initial scam posts, Kim Kardashian West, Jeff Bezos, Bill Gates, Barack Obama, Wiz Khalifa, Warren Buffett, YouTuber MrBeast, Wendy's, Uber, CashApp and Mike Bloomberg also posted the cryptocurrency scam.

Screen-Shot-2020-07-15-at-4.42.26-PM.png

Screenshot via Twitter

Before the scope of the incident became clear, the hack initially appeared to target cryptocurrency-focused accounts. In an initial wave of scam posts, @bitcoin, @ripple, @coindesk, @coinbase and @binance were hacked with the same message: We have partnered with CryptoForHealth and are giving back 5000 BTC to the community," followed by a link to a website, which we are not linking to.

The linked website was quickly pulled offline. Kristaps Ronka, chief executive of Namesilo, the domain registrar used by the scammers, told TechCrunch that the company suspended the domain on the first report" it received.

Hacked accounts shifted to sharing multiple bitcoin wallet addresses as the incident went on, making things more difficult to track. Twitter acknowledged the situation at 2:45 p.m. PT Wednesday afternoon, referring to it as a security incident."

We are aware of a security incident impacting accounts on Twitter. We are investigating and taking steps to fix it. We will update everyone shortly.

- Twitter Support (@TwitterSupport) July 15, 2020

At first, it appeared that some of the compromised accounts were back under their owners' control as tweets were quickly deleted. But then, Elon Musk's account tweeted hi" after his initial tweet with the scam was deleted. The hi" tweet also disappeared.

Twitter users reported seeing error messages on the platform as the situation went on. TechCrunch reporter Natasha Mascarenhas saw this error (see below) when she tried to create a threaded tweet. TechCrunch reporter Sarah Perez saw a similar error when trying to post a normal tweet. Both have verified accounts.

Screen-Shot-2020-07-15-at-3.06.04-PM.png

Twitter error message (Image: TechCrunch)

As the issues continued, many verified Twitter users also reported being unable to tweet. Around 3:15 p.m. PT, the official Twitter Support account confirmed [Users] may be unable to Tweet or reset your password while we review and address this incident." By Wednesday evening, Twitter said that most tweeting should be back to normal but functionality may come and go" as the company continue[s] working on a fix."

Most accounts should be able to Tweet again. As we continue working on a fix, this functionality may come and go. We're working to get things back to normal as quickly as possible.

- Twitter Support (@TwitterSupport) July 16, 2020

Who was hacked

It became clear early on that this situation was not the case of a single account being compromised as we've seen in the past, but something else altogether. Even Apple, a company known for robust security, somehow fell victim to the scheme.

Screen-Shot-2020-07-15-at-5.01.00-PM.jpg

Apple's account was also hacked. This was the account's first tweet. (Image: TechCrunch)

Many high profile accounts were quickly hijacked in rapid succession Wednesday afternoon, including @elonmusk, the eccentric Twitter-obsessed tech figure with a notoriously engaged fanbase. A scam tweet posted to the Tesla and SpaceX founder's account simply directed users to send bitcoin to a certain address under the guise that he will double any payment" - a known cryptocurrency scam technique. Musk's account appeared to remain compromised for some time after the initial message, with follow-up posts claiming followers were sending money to the suspicious address.

Screen-Shot-2020-07-15-at-4.18.44-PM-1.j

Tesla and SpaceX founder Elon Musk had his Twitter account hacked to spread a cryptocurrency scam. (Image: TechCrunch)

Some Democratic political figures were also hacked as part of the cryptocurrency scam, including Barack Obama, Joe Biden and Mike Bloomberg. An official from the Biden campaign told TechCrunch that Twitter locked down the former vice president's account immediately" after it was compromised and the campaign remains in close contact with Twitter on the issue. At the time of writing, no accounts belonging to Republican politicians appear to have been hacked.

Screen-Shot-2020-07-15-at-5.37.49-PM-e15

Barack Obama had his Twitter account hacked to spread a cryptocurrency scam. (Image: TechCrunch)

Wiz Khalifa's account was also compromised, as was the Twitter account of popular YouTuber MrBeast, who often posts giveaways, making his re-post of the bitcoin address particularly likely to drive followers to the scam.

The hack also hit legendary investor Warren Buffet, a prominent and harsh critic of cryptocurrencies like bitcoin. I don't have any cryptocurrency and I never will," Buffet told CNBC in February.

Unusual hack, common scam

While the scope of Wednesday's Twitter hack is unprecedented on the social network, the kinds of scams the hacked accounts promoted are common. Scammers take over high-profile Twitter accounts using breached or leaked passwords and post messages that encourage users to post their cryptocurrency funds to a particular address under the guise that they'll double their investment." In reality, it's simple theft, but it's a scam that works.

The main blockchain address used on the scam site had already collected more than 12.5 bitcoin - some $116,000 in USD - and it's going up by the minute.

A spokesperson for Binance told TechCrunch: The security team is actively investigating the situation of this coordinated attack on the crypto industry." Several other companies affected by the account hacks did not immediately respond to a request for comment.

It's not immediately known how the account hacks took place. Security researchers, however, found that the attackers had fully taken over the victims' accounts, and also changed the email address associated with the account to make it harder for the real user to regain access.

Scammers frequently reply to high-profile accounts, like celebrities and public figures, to hijack the conversation and hoodwink unsuspecting victims. Twitter typically shuts these accounts down pretty fast.

A Twitter spokesperson, when reached, said the company was looking into" the matter but didn't immediately comment.

This story is developing. Stay tuned for updates.

Below are screenshots of some of the hacked accounts.

[gallery ids="2017548,2017549,2017550,2017551,2017552,2017553,2017555,2017556,2017557,2017558,2017547"]

Techcrunch?d=2mJPEYqXBVI Techcrunch?d=7Q72WNTAKBA Techcrunch?d=yIl2AUoC8zA Techcrunch?i=B8ADgtZQAWQ:YmrXO_OKJio:-BT Techcrunch?i=B8ADgtZQAWQ:YmrXO_OKJio:D7D Techcrunch?d=qj6IDK7rITsB8ADgtZQAWQ
External Content
Source RSS or Atom Feed
Feed Location http://feeds.feedburner.com/TechCrunch/
Feed Title Crunch Hype
Feed Link https://techncruncher.blogspot.com/
Reply 0 comments