Bitcoin

Twitter Hack Was the Result of Social Engineering

By Dave McKay in cybersecurity

July 31, 2020

Social Engineering Attack Vector Twitter have declared that the route taken by the threat actors who pulled off this month’s Twitter hack and Bitcoin scam was social engineering. They made convincing but bogus phone calls to Twitter employees and managed to convince them to reveal their credentials. According to Twitter, the social engineering attack gave the threat actors the credentials of a limited set of employees, making it possible for the bad guys to access Twitter’s internal network and support tools.

Continue reading

No More Ransom

By Dave McKay in cybercrime

July 28, 2020

Garmin Hit by WastedLocker Ransomware Garmin has been hit by a four day outage due to a ransomware attack. Today it was announced that Garmin have obtained the decryption key, although how has not been revealed. Perhaps they paid the ransom, although the US Treasury placed sanctions against the probable culprits, EvilCorp, making it illegal to pay them a ransom. Ransomware is a type of malware that infects victims’ computers and encrypts their data.

Continue reading

Update on Major Twitter Hack

By Dave McKay in cybercrime

July 18, 2020

Where’s Captain Kirk? Four participants in the Twitter hack that breached high-profile and verified Twitter accounts in a Bitcoin grabbing scam have given interviews to the New York Times. Their stories suggest that this was not an attack from a state-sponsored offensive cyber division, nor the work of organised crime. It was a group of 19 and 20 year olds who met online on a website/forum ostensibly for people who like to get in first on new platforms and register unusual, significant, or very short user names, (yes, that’s a thing), but actuall a website dedicated to hijacking accounts.

Continue reading

Major US Twitter Accounts Hacked in Bitcoin Scam

By Dave McKay in cybercrime

July 16, 2020

Billionaires Elon Musk, Jeff Bezos and Bill Gates and other famous US figures had fake tweets sent out in their name. All of the tweets were designed to make the Titter-verse believe that these major figures were offering to double your money. If you sent them money in the form of the Bitcoin cryptocurrency they “promised” to pay it back in double. Evidently the threat actors gained access to Twitter administrative capabilities and by-passed the passwords on those accounts.

Continue reading

Categories

Tags