Crypto Twitter is at the present still abuzz with the latest of cryptocurrency scams happening on the social media app, which involved the accounts of famous global personalities such as Bill Gates, former US President Barack Obama, Elon Musk and Amazon founder Jeff Bezos, and companies such as Apple and Uber. Tweets promoting an exclusive Bitcoin scam for a limited time of 30 minutes in most cases were sent out on multiple ‘blue tick’ accounts.
The narratives for the scam were nearly identical across all affected accounts save for minor differences. The tweet from Obama’s account, for example, played on the COVID-19 pandemic crisis while the one from former US Vice President Joe Biden’s went straight to the point, but both were encouraging their followers to send $1,000 worth of Bitcoin (BTC) to a specific wallet address in return for a $2,000 return.
The scam has managed to get away with more than 11 BTC (~$100,000).
According to The Guardian, Twitter confirmed that hackers gained access to its employees accounts and data, which allowed them to breach Twitter’s platform. Aside from being able to control “internal tools”, it is unclear if any personal data and important information were stolen at the same time. Even after the scam tweets were removed, hackers simply posted the same tweet again later.
“The likelihood of attacks like this increase when people are working remotely. It is much easier for bad actors to impersonate someone through an email and gain access to their accounts. Assuming this wasn’t someone inside Twitter trying to take revenge, it appears to be a spear phishing attack – someone who has access to admin privileges that can override two-factor authentication and strong passwords fell victim to a hack,” said Douglas Schmidt, a computer science professor.
In response to the attack, Twitter had to suspend tweeting functions for all verified accounts temporarily in an unprecedented move. While it was restored shortly after, the implications of this incident are grim. Experts point out that there is no telling how much data has been compromised with access to Twitter employee tools, which allowed them to utilize the accounts of influential individuals and companies, each of them with millions of followers.
Investigations are currently ongoing to determine who the perpetrators of the attack are.