Twitter Accounts Hijacked in Bitcoin Scam

In “2020 couldn’t be any crazier” news, Twitter has been targeted for its huge influence, and those influential players—specifically a subset of individuals who had verified accounts—were targeted to promote a cryptography scam that had far reaching implications, given their extraordinary foothold on some of Twitter’s most active players.

Some of these accounts had thousands of followers. Others had millions. Some of the accounts were brands that focus on cryptography. Others were support-focused brands (e.g. Apple). Others were influencers. Others were members of the media. Others were politicians.

Twitter’s acknowledgement came immediately thereafter, with the company stating that they’re aware of a “security incident” impacting many accounts on the platform. The domain referenced in the tweet was immediately removed at the first report by the domain name registrar, Namesilo, but the damage to Twitter in its intrusion was far reaching and has continued for over an hour since the report came in.

 

What Twitter did was a rash decision of banning all users who were verified by preventing them from posting on the platform altogether. Twitter accounts with the verified checkmark, instead, were told their tweets couldn’t be sent, both on the top of the page and on the bottom, and couldn’t leverage a third party tool like HootSuite or Twitter’s own tool, TweetDeck, either.

It’s suspected that the break-in happened at a very high level, perhaps on the Twitter employee panel, that allowed multi-factor authentication to be bypassed and thus permitted an attacker to get into the account:

We won’t know right now as Twitter actively investigates and prohibits all verified accounts from posting (at press time, they’re still unable to tweet). 

In the meantime, what can we learn from this? Even the most secure of accounts can be compromised, especially when the systems these accounts reside upon aren’t protected enough. Whether that’s through weak coding infrastructure, social engineering, or a combination of the two, we may not know for a while, but we’re hoping to have some answers soon.

Topics :

PureVPN PureVPN is a leading VPN service provider that excels in providing easy solutions for online privacy and security. With 2000+ servers in 141+ countries, It helps consumers and businesses in keeping their online identity secured.

Have Your Say!!

Join 3 million+ users to embrace internet freedom

Signup for PureVPN to get complete online security and privacy with a hidden IP address and encrypted internet traffic.

Shares