This story is Developing.
Crypto Twitter Hack Under Attack
Early this afternoon, a massive coordinated attack is believed to have been conducted on well-known twitter accounts. In a number of tweets that have since been taken down, the Binance twitter account posted and then pinned a message asking users to visit a fraudulent website.
Thankfully, these posts are being quickly taken down, presumably by the genuine owners of the twitter accounts. The rapid deployment of these tweets could indicate that the twitter accounts were not hacked directly, but that a third-party app they used had been compromised. Tools like Buffer or Hootsuite allow users to send out tweets on a schedule, even giving other users the ability to post.
Another more terrifying possibility is that the Twitter API has been hacked, or a zero-day exploit has been exploited. Either of these scenarios paints a dark picture for Twitter as it means their underlying architecture is compromised.
The Daily Chain has reached out to Twitter for comment.
The Binance CEO, CZ, was quick to denounce the post. Minutes later, CZ fell prey to the same Tweet.
The crypto exchanges Gemini, Coinbase, Bitfenix, and KuCoin soon began tweeting the same scam.
And the news outlet Coindesk.
And Justin Sun and the Tron Foundation
Charlie Lee, creator of Litecoin, and the Bitcoin account followed.
The speed at which this was executed is eye-opening. A different scam quickly popped up, this time targeting other large Twitter accounts. While it could be a different group behind this, the timing suggests simply a change in tactics by the original scammer.
Elon Musk and Bill Gates were among those accounts compromised.
And another variation on the theme for Cash App.
The fraudulent website seems to be switching Bitcoin addresses to spread out the ill-gotten funds. On address, bc1qxy2kgdygjrsqtzq2n0yrf2493p83kkfjhx0wlh, has already received over 0.65 Bitcoin.
Popular Crypto Twitter @AngeloBTC was hacked prior to the more widespread attack. Around 11 am PST today his account sent out a tweet announcing his intention to open a private trading group on Telegram, charging 0.1 BTC for a lifetime membership.
Crypto Twitter was quick to flag the tweet, which has since been taken down. Earlier today the Bitcoin address 1Ai52Uw6usjhpcDrwSmkUvjuqLpcznUuyF had 4.46 BTC worth over $41,000. This address was created on 5/3/2020 with the majority of the transactions occurring today. The account has since been emptied, sending all the BTC to a brand new address 3ChjurNXe6eJrgvF3Hz4Hw4rEgSRkkCeN5.
CryptoCobain on Twitter reached out, confirming that the account was hacked.
AngeloBTC has been a mainstay in the crypto markets. At one time topping Bitmex’s trading leaderboard and amassing a Twitter following of 151k.
Sadly, any increase in Bitcoin’s value will draw scammers and hackers. It is unknown how AngeloBTC’s account was compromised but speculation is possible.
These recent breaches are a strong reminder to protect personal data. SIM Swaps are perhaps the most nefarious hacking technique in recent times. After identifying a Bitcoin holder, hackers will contact cell phone carriers and port the victim’s phone number to a new phone. Once they have control of the phone number the hacker can gain access to email addresses and exchanges where the victim’s Bitcoin is held.
This also allows them to control social media accounts, Twitter included. From there they need only to create a Bitcoin address and begin requesting donations.
The Daily Chain recommends you take the following steps to protect yourself from hacks. These are all well-practiced security measures
- Use 2fa
- Use a password manager
- Consider a hardware wallet
- Watch out for phishing
- Look after your private keys
- Do your own research
- Stay anonymous
- Trade safely
More details on protecting yourself from scammers can be found here.