By Dave McKay | July 16, 2020
Billionaires Elon Musk, Jeff Bezos and Bill Gates and other famous US figures had fake tweets sent out in their name. All of the tweets were designed to make the Titter-verse believe that these major figures were offering to double your money. If you sent them money in the form of the Bitcoin cryptocurrency they “promised” to pay it back in double.
Evidently the threat actors gained access to Twitter administrative capabilities and by-passed the passwords on those accounts.
“We know they [the hackers] used this access to take control of many highly-visible (including verified) accounts and Tweet on their behalf,” the company said in a series of tweets.
The UK’s National Cyber Security Centre (NCSC) said its officers had “reached out” to the tech firm.
“While this appears to be an attack on the company rather than individual users, we would urge people to treat requests for money or sensitive information on social media with extreme caution,” it added in a statement.
As bad as all this is, it could have been worse. Dr Alexi Drew from King’s College London told the BBC:
“If you were to have this kind of incident take place in the middle of a crisis, where Twitter was being used to either communicate de-escalatory language or critical information to the public, and suddenly it’s putting out the wrong messages from several verified status accounts - that could be seriously destabilising.”
As daft as the tweets may appear in the cold light of day—send me money and I’ll send you back double!—many fell for it.
Inspecting the transactions associated with a Bitcoin wallet is easy, finding out who owns the wallet takes much more effort. Using the Blockchain Explorer shows us that 383 transactions were made, sending money into that Bitcoin account, with a US dollar value of $118K.
Not a bad day’s work.
Strangely, all but $134.74 has been withdrawn from the account.