On Wednesday, a large number of Twitter accounts were compromised and the hackers used the accounts to tweet about a bitcoin doubling scam. According to multiple reports, a Twitter employee was paid to give the hackers an internal tool that let them leverage high-profile social media accounts.
It was a crazy day in the world of cryptocurrencies, as a massive number of high-profile people and organizations like Bill Gates, Apple, Uber, Barack Obama, Elon Musk, Jeff Bezos, Joe Biden, and many others had their Twitter accounts hijacked. After the incident, a number of armchair sleuths and investigative journalists uncovered a wealth of information about the Twitter issue.
The popular columnist Joseph Cox detailed that he obtained “leaked screenshots” of an internal tool that was used by the hackers. According to the report, Cox says that one of his anonymous sources revealed that the culprits “paid [a] Twitter insider.” He also mentioned that Twitter was still investigating whether or not the employee leveraged the tool or merely allowed others to use it.
A tweet from the breached Joe Biden account after it was compromised by the hackers. The scammers used a common bitcoin doubler scheme in order to convince people to send bitcoin.
On Twitter, the Block Crypto analyst Larry Cermak’s recent Twitter thread gives a comprehensive look at the incident as well. Cermak says that it “all started at 2:16 PM ET with a known crypto account @Angelobtc asking for payment to join a fake telegram paid group.”
“The takeaway is that the hacker started with large crypto accounts and stuck to only a few formats and addresses,” Cermak continued. “The hacker then moved to non-crypto celebrities two hours after the first hack. They only used three BTC addresses. What I will say is that it’s totally unacceptable that it took Twitter to act as long as it did. At 4:17 PM ET it was absolutely clear to anyone that was paying attention that Twitter is compromised. It took Twitter 2 hours (at 6:05 PM ET) to start acting.”
Another finding stemming from Joseph Cox explains that U.S. Senator Ron Wyden complained to Twitter about using end-to-end encryption (e2e) for direct messages two years ago, and the firm never acted upon the idea.
“In September of 2018, shortly before he testified before the Senate Intelligence Committee, I met privately with Twitter’s CEO Jack Dorsey,” Wyden tweeted. “During that conversation, Mr. Dorsey told me the company was working on end-to-end encrypted direct messages.” The Senator continued:
It’s been nearly two years since our meeting, and Twitter DMs are still not encrypted, leaving them vulnerable to employees who abuse their internal access to the company’s systems, and hackers who gain unauthorized access.
You know what the real news is from this incident?
Someone appears to have root level access to Twitter. They OWN this platform. They are in GOD MODE. They can do ANYTHING they want on it.
And their top choice is to trick you into parting with your precious bitcoin.
— Jameson Lopp (@lopp) July 15, 2020
Many people are concerned about the direct message access, as any person who was hacked in the incident may have had their chat logs scraped. The organization Fight for the Future tweeted a petition to the masses in order to convince Twitter CEO Jack Dorsey to protect an account’s direct messages. “It’s long past time for Twitter to implement default end-to-end encryption on direct messages,” the group said. The Electronic Frontier Foundation (EFF) director of cybersecurity, Eva Galperin, also told the public in a tweet that the EFF was begging Twitter to implement e2e.
“Twitter wouldn’t have to worry about the possibility that the attacker read, exfiltrated, or altered DMs right now if they had implemented e2e for DMs like EFF has been asking them to for years,” Galperin tweeted after the event.
The well-known cryptocurrency expert and evangelist Andreas M. Antonopoulos had to use his alternate account because he got locked out of his official Twitter account.
In addition to the famous people and organizations that saw Twitter accounts compromised, the crypto community has been abuzz with the conversation. The blockchain intelligence researchers, Whitestream, believe that some of the bitcoin addresses used during the Twitter incident sent funds to known Bitpay and Coinbase addresses. Twitter also responded to the hacking incident and noted that it was aware of the coordination with an insider. Twitter said:
We detected what we believe to be a coordinated social engineering attack by people who successfully targeted some of our employees with access to internal systems and tools. We know they used this access to take control of many highly-visible (including verified) accounts and Tweet on their behalf. We’re looking into what other malicious activity they may have conducted or information they may have accessed and will share more here as we have it.
By the end of the day, armchair sleuths noticed that the hackers raked in more than $114,000 worth of BTC and sent out more than half of the funds to external wallets. Moreover, the accounts that were hacked had an aggregate total of close to 140 million Twitter followers.
Speaking about the subject in an email sent to news.Bitcoin.com, Danny Scott, CEO at Coincorner, commented on the Twitter hack fiasco.
“It’s also highly unlikely the hacker did this for monetary gain,” Scott said. “Contrary to what many people still believe, bitcoin isn’t anonymous and all eyes around the world will now be on these bitcoin addresses, and can track where it moves via Bitcoin’s public blockchain.” Scott concluded by adding:
It’s a shame that people are now associating Bitcoin with this Twitter hack as Bitcoin itself has never been hacked and wasn’t the problem in this scenario. The problem was a centralised service (Twitter) which I feel helps emphasize the benefits of Bitcoin’s decentralised nature and how an attack like this could not occur on Bitcoin.
The post The Twitter Hack Fiasco: Compromised Internal Tool, Paid Insiders, Direct Message Fears appeared first on Bitcoin News.