ChangeNOW on Twitter Hack
On Wednesday, Twitter went through an unprecedented attack: a number of accounts, both high-profile and small, were hacked and posted the message calling upon subscribers to send their BTC to a Bitcoin address and get twice as much in return. Fraudsters hacked accounts of prominent crypto figures including Coinbase, Gemini, the Tron Foundation, Charlie Lee, Justin Sun, CZ, and others.
Further on, the shockwave went far beyond the crypto space, when the same messages appeared in accounts of high-profile individuals such as Elon Musk, Joe Biden, Barack Obama, Bill Gates, Michael Bloomberg and others. Twitter suspended all potentially compromised accounts (later on, it turned out that all verified accounts had been suspended) and posted a statement that they’d started an investigation.
We are aware of a security incident impacting accounts on Twitter. We are investigating and taking steps to fix it. We will update everyone shortly.
— Twitter Support (@TwitterSupport) July 15, 2020
This attack shows the vulnerability of social media to this kind of data breach and raises concerns about their internal security, when accounts of high-tier personalities can be hacked, despite claimed multi-level security with just some social engineering and tools available for twitter employees, as far as we know it.
In total, hackers gathered around 15 BTC.
It’s Bitcoin’s fault?
The involvement of cryptocurrency in this scam reignited doubts of the general public about security of Bitcoin and crypto services in general. Peter Schiff even posted this tweet:
It looks like all verified Twitter accounts have been hacked by someone running a #Bitcoin scam. For once not being verified has its advantageous. I wonder if this is a harbinger of Bitcoin itself being hacked? Better to play it safe and just buy #gold.
— Peter Schiff (@PeterSchiff) July 15, 2020
Of course, the situation is quite the opposite. This hack again shows the vulnerability of centralized systems and social media having little concern about privacy and security. No Bitcoin address or project was hacked during this event, and they won’t be, as with proper precautions there is no fraudulent employee susceptible to social engineering on the other side holding your wallet’s private keys. (Except all the custodial services, but that’s a different story. We’re not about that.)
It is also good to know that from the whole multi-million audience of those people, only about 300 have fallen into the fraud and sent their BTC to the scammers. The old boring mantra about never sending cryptocurrency to unknown addresses and never sharing your private keys with anyone has finally become common knowledge.
What ChangeNOW does to prevent fraud
Our side has taken all the necessary security measures to ensure that in the case of the funds passing through us they will be promptly detained: we’ve monitored the situation as it unfolded closely and blacklisted all the addresses involved in the scam.
Unfortunately, scams like that tend to happen and we have a lot of experience helping law enforcement to detect and retain those funds. You can read about our methods of fraud detection on the Business Ethics section of our website, where we describe some of the most resonant cases in which we’ve successfully stopped scammers.
Stay safe, trade smart and don’t forget to renew your passwords once in a while!