The news broke recently that major US Twitter accounts were hacked in a Bitcoin scam.
The Twitter accounts of notable billionaires were hacked on Wednesday afternoon. These included Amazon founder Jeff Bezos, Tesla founder Elon Musk, rapper Kanye West, Microsoft founder Bill Gates, and former New York Mayor Michael Bloomberg. Politicians’ accounts, including Joe Biden and Barack Obama, were also affected soon after. “I am giving back to the community,” the tweets read. “All Bitcoin sent to the address below will be sent back doubled!” The link to the Bitcoin wallet is consistent throughout all the tweets, suggesting a cryptocurrency scam.
The bulk of the messages have been deleted, though screenshots remain of several affected accounts.
Twitter has acknowledged the problem, but we are still very short on detail. The Biden campaign stated that the platform locked his account immediately after the breach and removed the tweet. As part of Twitter’s effort to solve the problem, verified accounts were restricted from tweeting for several periods on Wednesday night. The internet was alive with rumours of the removal of the verification badge.
What’s the scam?
Hackers broke into the high-profile Twitter accounts and sent fake tweets offering $2,000 for every $1,000 sent to an anonymous Bitcoin address.
For instance, the message sent from Elon Musk’s account said, “All bitcoins sent to my address below will be sent back double the amount. If you send $1,000, I will send back $2,000.” Likewise, information spread from Bill Gates’ Twitter handle said: “Everyone is asking me to give back, and now is the time.”
How did they do it?
Whilst there has been no official announcement of the method the hackers used, there are strong and consistent rumours originating from those who should know the truth. It appears that high-level administration accounts were compromised, possibly through some form of social engineering, phishing or, some say, an ex-employee. Doubtless the truth will out. Either way, this is a timely reminder to lock down your admin accounts!
Lessons for us from the hacked Twitter accounts
There are no free lunches and no easy money. As an investor, you should always doubt information or schemes that offer you an opportunity to make quick money in a very short period. The financial victims were just greedy. The other victim is the end user who places their trust in a large organization that we should be able to rely upon to secure our data.
“Hackers had complete access to Twitter. They could post anything from any account. But they chose to seek bitcoins through false promises. People should be more careful. Most crypto giveaways that ask for contributions are scams. We hope this brings awareness, and Twitter users do not fall for these kinds of scams again,” said Arjun Vijay, Co-Founder and COO, Giottus Cryptocurrency Exchange.
Emergency response
Twitter earlier had to take the extraordinary step of stopping many verified accounts marked with blue ticks from tweeting altogether. Password reset requests were also being denied and some other “account functions” disabled. You may be sure that behind closed doors the Twitter investigation, with the assistance of the FBI, will be exhaustive. The reputational damage from the hacked Twitter accounts cannot be overestimated.
Does your business also need an emergency response?
We would strongly urge you to review who has administrator rights to your world. Are you immune to this cyber threat? At the end of the day Twitter suffered from poor housekeeping by a large corporate.
Protect your business with LIS
With immediate effect, we will add our Office 365 Security package to all our customers, at no cost. Amongst other benefits, this gives you a monthly review of all users with administrator access and alert/approval for any changes that may occur, irrespective of whether the change came about through staff action, hacking or some form of social engineering. We would offer it to Twitter but that horse has bolted 😀.
A strong defence against cyber-crime is essential for your business. Protect your business data and sensitive information as it flows across your organisation. Our solutions enable us to understand where you are vulnerable. We can take proactive steps to help prevent and respond to threats, in order to reduce the potential risk to your business.
Contact the LIS Help Desk to migrate to Office 365 if you don’t already subscribe. Take advantage of our Office 365 Security Package special offer. Make sure your data and email are fully protected.
Our Office 365 Security Package is a bundle of software tools, that includes:
Finally, if you need them, our managed anti-virus and anti-spam protection services can be deployed within minutes. LIS provides essential protection for your business, defending you from email viruses, spam and malware.