Bitcoin, the world’s very first cryptocurrency, was recently involved in a major, high-profile scam that targeted some of the world’s most popular Twitter accounts. A number of accounts were compromised, and Tweets were sent out offering to double any donations of Bitcoin.
While the scam itself was an obvious one, and therefore relatively easy to spot and shut down, the hack itself raises serious questions about the security of Twitter, and social media platforms in general.
On Wednesday 15 July, a number of prominent American celebrities, politicians and tech entrepreneurs had their Twitter accounts compromised. Their accounts all posted a similar message:
‘I am giving back to the community. All Bitcoin sent to the address below will be sent back doubled! If you send $1,000, I will send back $2,000. Only doing this for 30 minutes.’
The messages included a link to a Bitcoin wallet to which people were supposed to send money.
Twitter is no stranger to scams. The social media platform has for a long time dealt with fake accounts claiming to be high-profile public figures requesting Bitcoin donations. These fake accounts post messages like the one above, asking for donations and promising to double them. The scam on 15 July was different because instead of the hackers trying to acquire funds through their own accounts, they managed to infiltrate those of real people and post messages from them.
In an attack which Twitter said was ‘coordinated’, many of the platform’s most followed users were compromised. The list includes Joe Biden, Kanye West, Barack Obama, Elon Musk, Jeff Bezos and Bill Gates, among others. Companies such as Apple and Uber were also targeted.
Of course, Twitter was quick to realise what was going on and temporarily blocked users from being able to post Bitcoin wallet links in their Tweets. It also deleted the offending Tweets.
However, similar Tweets were posted again by the hackers, proving that they still had control over the accounts. In the end, Twitter was only able to regain control and prevent any more scam Tweets from being posted by suspending all verified accounts on the platform.
But not before over 300 donations had been sent to the Bitcoin wallets promoted in the fraudulent Tweets. This totaled more than $100,000 worth of Bitcoin.
Bitcoin is designed to be a completely anonymous online currency. Basically, with this cryptocurrency you’re able to make transactions without having to reveal any public details. It’s frequently used in online fraud or extortion because once someone transfers funds, it’s practically impossible to recover them or for the victim to get compensated.
Considering the high profiles of the victims, security experts initially feared that a hostile foreign power such as North Korea might be behind the attack.
Luckily, it seems that those who carried out the scam were only in it for the money. They sent out the Tweets asking for donations and specified that you could only get your money doubled if you responded within the next half an hour. The hackers put this in to encourage people to send donations as quickly as possible, as they knew it wouldn’t be long before Twitter realised what was going on and took the Tweets down.
What many have pointed out is that those behind the scam could have done a lot more damage. They managed to get access to many of the world’s most followed Twitter accounts, and yet all they did was send out some Tweets asking for Bitcoin - they could have easily done significantly worse.
For example, they could have posted Tweets that were harmful to particular people or companies, or even the account holders themselves. In a way, the owners of the compromised accounts were very lucky indeed that nothing more serious was done.
In fact, given the influence of the social media giant in the world of business and politics, the U.S. Congress itself is now demanding answers about how the hack happened and whether another one can be prevented.
What the scam has shown is that social media platforms aren’t 100% safe and can still be attacked. Even though these platforms use all the latest security technology and software to keep their accounts protected, they are still vulnerable.
Twitter accounts have multiple levels of security both on the provider and user end. Yet these were effectively and simply bypassed by exploiting the one factor you cannot write code against – human weakness.
As we mentioned earlier, the hack was not carried out by a team of highly trained cyber warfare operatives in the service of a foreign power as was initially feared.
Instead, as investigations have revealed, it was the work of a loose group of young, amateur hackers obsessed with owning social media accounts with short names.
In a typical social engineering attack, they were able to gain access to Twitter’s internal tools and take control of the accounts by manipulating employees of the company, as it admitted in this statement:
“At this time, we believe attackers targeted certain Twitter employees through a social engineering scheme. What does this mean? In this context, social engineering is the intentional manipulation of people into performing certain actions and divulging confidential information.
The attackers successfully manipulated a small number of employees and used their credentials to access Twitter’s internal systems, including getting through our two-factor protections. As of now, we know that they accessed tools only available to our internal support teams to target 130 Twitter accounts. For 45 of those accounts, the attackers were able to initiate a password reset, login to the account, and send Tweets. We are continuing our forensic review of all of the accounts to confirm all actions that may have been taken. In addition, we believe they may have attempted to sell some of the usernames”.
All of this has led to renewed debate on the role of social media in our lives. Twitter is used as a news and information channel by both governments and businesses. Politicians use it to announce policy changes or their position on an issue. Not to mention personal communication through private messages.
Yet we have now seen that not even verified accounts, supposedly the most trusted and secure, are safe from takeover. And the implications are terrifying.
“The ability of bad actors to take over prominent accounts, even fleetingly, signals a worrisome vulnerability in this media environment — exploitable not just for scams, but for more impactful efforts to cause confusion, havoc, and political mischief,” as Sen. Warren, the top Democrat on the Senate Intelligence Committee, put it.
The immediate focus is on how to limit the impact and success of such attacks on social media. But both lawmakers and the general public will, sooner or later, also have to face a much more complex question: “How to limit the impact of social media on our lives?”