Twitter-wide Bitcoin Scam

Apple, Elon Musk, Kanye West, and other accounts are tweeting a bitcoin scam in giant Twitter hack

You’d assume they have better passwords than ‘PaSsWoRd69’ but obviously not

1 Like

Maybe it was 123456

3 Likes

Twitter just blocked posting from all verified accounts and blocked changing passwords. It seems the hackers were able to bypass both password checks and 2FA.

Given what they could have done with an exploit that powerful, it seems weird to burn it on a shitty bitcoin scam…

4 Likes

Yeah, imagine all the blackmail content in the DMs, not to mention passwords.

As someone mentioned you could short or boost stocks and make a killing, but you’d need money to lay out and that could be traceable.

There’s no reason they didn’t do that in the background, and then decided to also do the scam and get some extra cash (or merely wreak havoc and ruin the platform’s reputation - their wallets may never end up cashed out).

There’s speculation out there that API changes were scheduled to be rolled out tomorrow, so maybe they had the exploit for a while and were using it silently (to harvest DMs for future blackmail?), but due to concerns that the change would fix the vulnerability they decided to use it one last time for the scam.

What I find very irresponsible though from Twitter’s side is that they left the platform online despite having an ongoing, uncontained breach with noxious external side-effects on the entire world (I’d argue they got lucky it was “just” a cryptocurrency scam).

On that note, does anyone know where I can buy the world’s smallest violin?

Edit: seems like a social engineering attack on Twitter staff: https://twitter.com/TwitterSupport/status/1283591844962750464

1 Like

Someone with that much access and not enough common sense is too much of a risk. I hope Twitter will review their employee access permissions and security practices.

Is it possible to see how much money was sent to a bitcoin address? I’ve got a feeling they would have made a significant amount of money from this.

Just a shame Monzo will block their accounts when they try to withdraw it all :sweat_smile:

2 Likes
3 Likes

Wow, just the £94k then!

I saw some tweets saying they made millions last night. You’re right, some other things would have gained more notoriety but these big stars are unlikely to be successfully blackmailed, and they’ve got untraceable money from it!

Brian Krebs thinks it’s a 21-year-old from Liverpool.