Verified Twitter accounts of high-profile individuals and companies like Apple, Bill Gates, Joe Biden, and Elon Musk assured followers a huge pay out if they just send bitcoin to a block chain address — presumably to contribute to the COVID-19 relief funds; after the social media platform was breached.
Affected accounts belong to businesses and individuals involving Apple, Bitcoin, Barack Obama, CashApp, CoinDesk, Jeff Bezos, Elon Musk, Coinbase, Uber, Bill Gates, Joe Biden, Michael Bloomberg, and Kanye West. A few account owners quickly took control of their profiles and deleted the tweets.
The message from some accounts read, “I am giving back to my community due to Covid-19,” noting that the offer was valid for only 30 minutes. Bill Gates’ account promised to send $2,000 back to people who sent $1,000. A similar message appeared on Elon Musk’s account, with a tweet saying, “I’ll double any BTC payment sent to my BTC address for the next hour,” followed by a hyperlink.
Cyber security firm RiskIQ has published a list of domains connected to the scam, giving further insight into the magnitude of people and corporations targeted. It’s ambiguous how widespread the incident is, but so far, the scammers have been successful in collecting more than $103,000.
Security researchers also found that the attackers had not only taken over the victims’ accounts, but also changed the email address associated with the accounts, making it tougher for the real user to regain access.
Twitter said in an official statement: “We are aware of a security incident impacting accounts Twitter accounts. We are investigating and taking steps to fix it. We will update everyone shortly”. As a part of the company’s remediation efforts, verified accounts, used to promote the scam, have been blocked from tweeting.
Hours later, twitter confirmed that the hack was a result of a social engineering attack by which the hackers targeted some of their employees with access to internal systems and tools.
Once aware of the incident, twitter immediately locked the affected accounts and removed tweets posted by the attackers. Internally, Twitter said it has also taken steps to limit access to internal systems and tools while the investigation is ongoing.
Whereas in other cases, the attackers have bribed workers to leverage tools over individual users, in this case social engineering has been used to gain access that has led to takeovers of some of the biggest accounts on the social media platform and tweeted bitcoin related scams in an effort to generate income.