Home » Social » Bitcoin scam: Twitter staff targeted by ‘coordinated social engineering’ attack
Image credit: Wit Olszewski

Bitcoin scam: Twitter staff targeted by ‘coordinated social engineering’ attack

Overnight, Twitter suffered a massive attack by hackers who tried to use the verified accounts of celebrities and high-profile users to execute a Bitcoin scam.

Advertisement

IT News Nigeria:

The likes of Barack Obama, Joe Biden, Elon Musk, Bill Gates and Kanye West had their accounts hijacked and message were posted promising that if people sent money to a Bitcoin wallet, they would get double the amount back.

Needless to say, it was a crypto scam, and Twitter took the extraordinary steps of preventing all users with a blue tick from tweeting. Twitter now has control of the situation and says that the attack came after staff fell victim to social engineering, enabling hackers to gain access to internal tools which were then used to take over key accounts.

Numerous tweets — now deleted by Twitter — encouraged users to part with money for the promise of a quick profit. A tweet from Bill Gates’ account read “Everyone is asking me to give back. You send $1,000, I send you back $2,000. BTC Address xxxxxxxxxx. Only going on for 30 minutes! Enjoy!” Tweets from other celebrities and prominent accounts took much the same form.

Twitter was fairly quick to acknowledge that there was problem, and tweeted to let users know:

While the scam had the potential to net millions of dollars, blockchain records show that the perpetrators only managed to obtain around $100,000 from victims before Twitter took steps to intervene.

In a series of tweets via its @TwitterSupport account, the company released a statement explaining what it knows about the incident:

READ ALSO  New Sophos EDR 2020: Sophos unveils Advanced version of Endpoint Detection and Response

Our investigation is still ongoing but here’s what we know so far:

We detected what we believe to be a coordinated social engineering attack by people who successfully targeted some of our employees with access to internal systems and tools. We know they used this access to take control of many highly-visible (including verified) accounts and Tweet on their behalf. We’re looking into what other malicious activity they may have conducted or information they may have accessed and will share more here as we have it.

Once we became aware of the incident, we immediately locked down the affected accounts and removed Tweets posted by the attackers. We also limited functionality for a much larger group of accounts, like all verified accounts (even those with no evidence of being compromised), while we continue to fully investigate this. This was disruptive, but it was an important step to reduce risk. Most functionality has been restored but we may take further actions and will update you if we do. We have locked accounts that were compromised and will restore access to the original account owner only when we are certain we can do so securely.

Internally, we’ve taken significant steps to limit access to internal systems and tools while our investigation is ongoing. More updates to come as our investigation continues. – betanews

READ ALSO  African Developers Celebrated At Facebook’s Annual F8 Conference
bitcoin scam

Leave a Reply

Your email address will not be published. Required fields are marked *

*

x

Check Also

88.7m followers: Twitter suspends Trump account

Twitter has suspended President Donald Trump ...

5G adoption in Nigeria

How 5G adoption brings new security risks

Most professionals say their organizations are ...

twitter

U.S. election: Twitter labels 300,000 misleading tweets

Twitter said it labelled approximately 300,000 ...

trump

Why Trump threatens to launch Digital Media Company

Trump has threatened established media with ...

eset

ESET launches updated consumer security range for Windows

ESET: Cybersecurity company ESET is launching new versions ...