The Twitter accounts of 130 celebrities were hacked with the intent of performing a Bitcoin scam.
The event started on 15 July 2020 at 16:00 hours in the US. At that time, attackers gained access to many high-profile and verified Twitter accounts, including those of former US president Barack Obama and Jeff Bezos. After gaining access to these trusted accounts, the attackers sent a tweet stating that any bitcoin sent to this account would be doubled and returned.
The fake tweets offered $200 for every $100 sent via Bitcoin addresses. These tweets were deleted by the hackers and retweeted by others when people demanded the doubled value. The Twitter support team noticed these strange happenings and immediately blocked the activities of the hacked accounts.
Twitter's efforts to delete these tweets were unsuccessful because a few of the hacked accounts kept posting the carbon-copied messages again.
Who were the victims of the hack?
The hacked Twitter accounts belonged to celebrities and politicians in the United States. They included the accounts of Elon Musk, Joe Biden and Kanye West.
According to Twitter, the message reached 350 million users through the use of its internal systems. The hackers behind this mass breach were able to scam bitcoin worth $120,000 using at least 300 transactions. This can also be called the easiest bitcoin mining to date.
The US Senate Commerce Committee demanded that Twitter provide a brief description of the incident. Twitter claims that this was a coordinated attack targeting Twitter employees who had access to internal portals, tools and systems. Twitter has banned all users from tweeting addresses that contain details about bitcoin wallets.
Kayvon Beykpour was the Twitter product lead. She took to Twitter to share the incident. This was followed by a series of tweets from Twitter Support.
How did the hack occur?
The hack was co-ordinated by a Twitter employee, although the investigation is still ongoing. One hacker claimed that they were aided by a representative who did all of the work for them during the compromise. Another one claimed that they paid an insider for the job.
It has been determined that the internal tool was used to reset the associated email addresses of all the hacked account holders in order to make it almost impossible for them to retake control. The scammers had previously launched an attack using a cryptocurrency scam.
Twitter stated that the hackers had already manipulated many employees using social engineering to get sensitive information such as login credentials for their internal tools. Initial analysis by Twitter showed that no compromised accounts' DMs were accessed. It was discovered that the DM inbox for 36 users had been accessed.
The scammers were able to reset passwords for 45 users while downloading the entire data, including private messages, of 7 users. (Earlier, it was mentioned that 8 users' data was downloaded. Perhaps the download was not completed for one user.) It was even mentioned that