Twitter hacked

CyberTech

Level 44
Thread author
Verified
Top Poster
Well-known
Nov 10, 2017
3,247
Elon Musk’s Twitter account has seemingly been compromised by a hacker intent on using it to run a bitcoin scam. Microsoft co-founder Bill Gates also had his account seemingly accessed by the same scammer, who posted a similar message with an identical bitcoin wallet address.
 

Andrew3000

Level 11
Verified
Top Poster
Malware Hunter
Well-known
Feb 8, 2016
516
Probable hacker attack on the international Twitter control panel.
A number of high-profile Twitter accounts were simultaneously hacked on Wednesday by attackers who used the accounts — some with millions of followers — to spread a cryptocurrency scam.

@bitcoin, @ripple, @coindesk, @coinbase and @binance were among the accounts hacked with the same message: "We have partnered with CryptoForHealth and are giving back 5000 BTC to the community," followed by a link to a website, which we are not linking to.

Some of the accounts were quickly back under their owners' control and tweets were quickly deleted. At the time of writing, both Binance and Bitcoin still had a tweet promoting the scam. @Apple also had its account hacked to push the same scam.

The scammer's website was quickly flagged by Cloudflare as a phishing site, but still accessible when clicked-through.

90$k scammed for now - Blockchain.com Explorer | BTC | ETH | BCH
 

[correlate]

Level 18
Top Poster
Well-known
May 4, 2019
801
Social media platform Twitter, earlier today on Wednesday, was on fire after it suffered one of the biggest cyberattacks in its history.
A number of high-profile Twitter accounts, including those of US presidential candidate Joe Biden, Amazon CEO Jeff Bezos, Bill Gates, Elon Musk, Uber, and Apple, were breached simultaneously in what's the biggest hacking campaign carried out to promote a cryptocurrency scam.
 

ForgottenSeer 85179

Terminology clarification: The accounts are not being individually hacked as traditionally reported. The Twitter authorization system is being hacked or employee access abused for Account Takeover. You could argue this is semantics, but at least to me there is a difference.

(Got the retweet from Daniel Micay)
 

silversurfer

Level 85
Verified
Honorary Member
Top Poster
Content Creator
Malware Hunter
Well-known
Aug 17, 2014
10,048
 

RejZoR

Level 15
Verified
Top Poster
Well-known
Nov 26, 2016
699
Probable hacker attack on the international Twitter control panel.


90$k scammed for now - Blockchain.com Explorer | BTC | ETH | BCH

I can't believe people are so dumb to believe Apple or Bill Gates would double the Bitcoin you send to them. Like, how gullible and basic you have to be? It's beyond hilarious and frankly I think people who sent BTC deserved it. Sorry, but you're beyond stupid. And I don't care if this opinion offends anyone.
 

EndangeredPootis

Level 10
Verified
Well-known
Sep 8, 2019
461
I can't believe people are so dumb to believe Apple or Bill Gates would double the Bitcoin you send to them. Like, how gullible and basic you have to be? It's beyond hilarious and frankly I think people who sent BTC deserved it. Sorry, but you're beyond stupid. And I don't care if this opinion offends anyone.
Humans aren't perfect beings, we fall prey to the most stupid things possible, and still, not everyone has the same knowledge, for example, as most of us on this site right now. It's like those who believe in conspiracy theories: people who don't take their time to look it up fall prey to them.
Not to mention many people who fall for this kind of stuff are people who perhaps didn't grow up with technology or have the time or access to know these things.

From our standpoint it may seem stupid for anyone to fall for them, but it's hard for the average Joe to defend herself/himself against this kind of stuff. It's why cyber attacks are so extremely common: not enough people are educated on how to avoid these things, even though it's extremely easy by just saying "don't open random email attachments or links, especially those you didn't expect".
 

oldschool

Level 81
Verified
Top Poster
Well-known
Mar 29, 2018
7,043
It appears the world of Mr. Robot is not so fictional after all. Trust is breaking down the world over. Still, I have no sympathy for owners of the Twitter accounts or the fools who fell for this scam. It is simply more 21st Century spectacle. Enjoy the show, folks! 🍺 🍿

 

CyberTech

Level 44
Thread author
Verified
Top Poster
Well-known
Nov 10, 2017
3,247
Twitter has shed some light on the unprecedented attack on Wednesday that resulted in numerous takeovers of high-profile accounts including those of President Barack Obama, Democratic candidate Joe Biden, and Tesla CEO Elon Musk. In a series of tweets posted this evening under its support channel, Twitter said that its internal systems were compromised by the hackers, confirming theories that the attack could not have been conducted without access to the company’s own tools and employee privileges.

“We detected what we believe to be a coordinated social engineering attack by people who successfully targeted some of our employees with access to internal systems and tools,” the first tweet in a multi-tweet explainer thread reads. “We know they used this access to take control of many highly-visible (including verified) accounts and Tweet on their behalf.”

It seems as if Twitter is acknowledging here that numerous people appear to have been involved in the hacks, not just one individual, and also that numerous employees were compromised, too.

 

Ink

Administrator
Verified
Staff Member
Well-known
Jan 8, 2011
22,361
I can't believe people are so dumb to believe Apple or Bill Gates would double the Bitcoin you send to them. Like, how gullible and basic you have to be? It's beyond hilarious and frankly I think people who sent BTC deserved it. Sorry, but you're beyond stupid. And I don't care if this opinion offends anyone.
All praise the super-intelligent sheep. The head of global worldwide security who knows all, sees all and not at all gullible to handing 5$ to their child.

Jokes aside.

All scams have potential by gaining trust.
 

Kamer

Level 1
Nov 6, 2019
13
"Terminology clarification: The accounts are not being individually hacked as traditionally reported. The Twitter authorization system is being hacked or employee access abused for Account Takeover. You could argue this is semantics, but at least to me there is a difference."

(Got the retweet from Daniel Micay)

Twitter's security team, IMO, either sucks, or may be lying! Why put so much power in a "single point of failure," and then not even think about this probable scenario? No (human!)one is monitoring this system? The most innocuous bad tweet would be Elon Musk making stock markets go crazy, with just one tweet!
 

fabiobr

Level 12
Verified
Top Poster
Well-known
Mar 28, 2019
561
"Terminology clarification: The accounts are not being individually hacked as traditionally reported. The Twitter authorization system is being hacked or employee access abused for Account Takeover. You could argue this is semantics, but at least to me there is a difference."

Twitter's security team, IMO, either sucks, or may be lying! Why put so much power in a "single point of failure," and then not even think about this probable scenario? No (human!)one is monitoring this system? The most innocuous bad tweet would be Elon Musk making stock markets go crazy, with just one tweet!
Twitter security always has been not so good, it's nothing new.
 

upnorth

Moderator
Verified
Staff Member
Malware Hunter
Well-known
Jul 27, 2015
5,457

RejZoR

Level 15
Verified
Top Poster
Well-known
Nov 26, 2016
699
"Terminology clarification: The accounts are not being individually hacked as traditionally reported. The Twitter authorization system is being hacked or employee access abused for Account Takeover. You could argue this is semantics, but at least to me there is a difference."

Twitter's security team, IMO, either sucks, or may be lying! Why put so much power in a "single point of failure," and then not even think about this probable scenario? No (human!)one is monitoring this system? The most innocuous bad tweet would be Elon Musk making stock markets go crazy, with just one tweet!

I mean this was obvious. One thing is gaining access to one user account via phishing, but seeing how many high profile accounts were involved, it could only mean someone gained access to Twitter controls. There is no way one would gain access to so many high profile accounts at once somehow and started spamming this thing.
 

CyberTech

Level 44
Thread author
Verified
Top Poster
Well-known
Nov 10, 2017
3,247
On Friday evening, Twitter issued its first full blog post about what happened after the biggest security lapse in the company’s history, one that led to attackers getting hold of some of the highest profile Twitter accounts in the world — including Democratic presidential candidate Joe Biden, President Barack Obama, Tesla CEO Elon Musk, Microsoft co-founder Bill Gates, Kanye West, Michael Bloomberg, and more.

The bad news: Twitter has now revealed that the attackers may indeed have downloaded the private direct messages (DMs) of up to 8 individuals while conducting their Bitcoin scam, and were able to see “personal information” including phone numbers and email addresses for every account they targeted.

That’s because Twitter has confirmed that attackers attempted to download the entire “Your Twitter Data” archive for those 8 individuals, which contains DMs among other info.




 

Gandalf_The_Grey

Level 76
Verified
Honorary Member
Top Poster
Content Creator
Well-known
Apr 24, 2016
6,505
EFF tells Twitter to encrypt DMs after hacking incident:
The Electronic Frontier Foundation (EFF) has reiterated to Twitter that it should subject all direct messages (DMs) to end-to-end encryption to provide users with more privacy and security. The digital rights organization has been calling for this for years but the most recent breach has pushed it to demand the feature again.

The EFF said that with hackers gaining access to admin tools at Twitter, encrypting the DMs would have meant hackers couldn’t have seen the contents of direct messages, offering more protection. The rights group also pointed to the fact that Twitter CEO Jack Dorsey reassured Senator Ron Wyden two years ago that end-to-end encryption was being worked on.

Earlier today, Twitter said in a statement that going forward it will be taking action to tighten up its security. It’s not clear what this tightening up will look like but hopefully, it will include end-to-end encryption for DMs.
 
