In a simultaneous hack, the official Twitter accounts of @Bitcoin, @CoinDesk, @binance, @coinbase, @Gemini and many others are currently being affected in what is presumed to be an attack Phishing to trick users into sending their funds to fake addresses.
The hacker attack is not only focused on controlling the official accounts of important companies and companies that provide services related to cryptocurrencies, , but now they are also taking control of the official accounts of several businessmen and important personalities within the crypto ecosystem.
So far a total of 20 accounts affected on Twitter by the attack, and although there is still no knowledge of how it is being executed, what is clear is that cybercriminals want to steal users' funds, causing them to send their cryptocurrencies to false addresses.
The attack was recently announced through the account of CryptoWhale, where he notes that the accounts of @binance, @cz_binance, @AngeloBTC, @Gemini, @coinbase and several others are under attack.
Followers of these accounts are seeing fake messages and posts created by hackers with the intention of tricking them into stealing their funds.
It may interest you: Hacker manages to get more than 500 thousand dollars from the DeFi Balancer platform
Phishing attack through Twitter accounts When did the hacking start?
This unprecedented event has taken place since 19:00 p.m. this Wednesday, when several important accounts on the Twitter platform were hacked to bombard millions of users with a series of messages encouraging them to participate in an alleged bitcoin raffle held. by a fraudulent company called “Crypto For Health”. In fact, all the false messages and publications found in the different hacked accounts direct followers and Twitter users to this fraudulent site.
The attack began with the official account of @binance and then spread to 20 other major accounts in just a few hours. There is no knowledge of how this attack is being carried out, but the entire cryptographic community is placing special emphasis on the fact that users should not go to the indicated site or trust, for the moment, any of the publications or links that may appear on said sites. accounts. Likewise, several security companies recommend reporting messages and publications that users see as “strange” in other official company and user accounts.
What is the message that “Crypto For Health” sends?
In the accounts of companies and companies related to cryptocurrencies, the hackers issued publications indicating that they had partnered with this fraudulent company, and that they would be giving the community of users and followers a total of 5.000 BTC, indicating that to learn more about this little credible offer they should visit the Crypto For Health website.
“We have partnered with CryptoForHealth and are giving back 5.000 BTC to the community – We have partnered with CryptoForHealth and are giving back 5.000 BTC to the community.”
This is the message that can be read on the official accounts of: @Gemini, @coinbase, @cz_binance, @binance, @Crypto_Bitlord, @kucoincom, @CoinDesk, @AngeloBTC, @justinsuntron, @SatoshiLite, @Tronfoundation, @Bitcoin and @bitfinex, where hackers ask users and followers to participate in a drawing by sending money to supposedly receive double the amount transferred.
On the other hand, in the account of @Rippl to The message is somewhat different, and instead of mentioning the fraudulent website, the hackers directly left an address for users who fell for the scam to send their funds. The message reads:
“We are giving back 2.000 Ripple to random addresses that send over 1.000 Ripple to our COVID-19 fund. Every donor gets 1.000 XRP! – We are giving out 2.000 Ripple to random addresses that send more than 1.000 Ripple to our COVID-19 relief fund. Each donor will receive 1.000 XRP!”
Although a few minutes after the hacking of the @binance account, its CEO Changpeng Zhao noticed the scam and tried to warn the crypto community through a post on his personal account @cz_binance, the hackers deleted the post and also hacked this account.
Bill Gates, Elon Musk and Kanye West were also victims of the Twitter hack
The accounts of the billionaire tycoons who founded companies like Microsoft, Paypal, Telsa y SpaceX They also did not escape this massive attack that destroyed Twitter's security and two-factor authentication. Even the official accounts of @Apple, @CashApp y @kanyewest have been affected in this simultaneous and surprising attack.
Through Elon Musk's official account, @elonmusk, the hackers published a series of messages in which the tycoon supposedly indicates that he felt generous about the situation currently experienced by the COVID-19 pandemic, so he would begin to double any payment that users made to his address. Bitcoin. Then, through the same account, the hackers published another series of messages alluding to the fact that Musk had supposedly already delivered what was previously promised, and that he now promised to return $2.000 USD to all users who sent $1.000 USD to the BTC address. his. Himself modus operandi was applied in the accounts of @BillGates, @Apple, @JoeBiden, @uber y @kanyewest.
Several followers fell into the trap
Given this event, several in the cryptographic community begin to formulate their hypotheses about what is happening massively with Twitter accounts. The CEO of infinitybloc.io, Justin Giudici claims that this is one of the largest hacks to the platform to date, since the same scam is published over and over again through different accounts. Unfortunately, as of this publication, several users and followers have fallen for the scam and sent their funds in the hopes of receiving double their transactions.
Source: Blockchain.com
The BTC address massively promoted by hackers on Twitter already unfortunately has a total of 363 transactions and over 12,8 BTC valued at more than 117 thousand dollars at the current price of Bitcoin. And although most of the tweets posted to the hacked accounts have been deleted, the attack is still ongoing.
A message to Twitter hackers
To make the Twitter episode even stranger, a series of transactions added a bit of mysticism to the attack. in the transaction 54215bf9b24db3dbf3463f305128caa0c6ac5be8fd6e7d5d534f494855fd1689, we can read the following message in a series of Vanity address:
“Just read all transactions output as text, you take risk when using Bitcoin for your Twitter game, Bitcoins traceable, why not Monero”
Which in Spanish we can translate as:
“Just read all transactions as text, this is what you risk when you use Bitcoin for your Twitter game, bitcoins are traceable, why not use Monero?”
Source: Bit2Me Explorer
The message has so far been repeated six times showing what appears to be custom generated addresses. Although it is most likely that these addresses do not have an associated public and private ECDSA address, the way in which they have been used to leave a clear message to the Twitter attacker is very striking.
A shadow of doubt about Twitter workers
On the other hand, it seems that the epicenter of all these attacks has to do with unauthorized access to Twitter's account control platform. Access could have been given through coercion by a Twitter worker or through a cyber attack on one of them with access to the system. The possibilities of this type of actions are considered by the famous VICE, who have had access to exclusive material showing screenshots of the Twitter control platform. On the other hand, the full extent of the attack is unknown and Twitter has not yet provided further information about what happened.
NOTE: THIS IS AN INFORMATIVE ARTICLE. ANY READER OR USER IS NOT RECOMMENDED TO ENTER THE CRYPTOFORHEALTH WEBSITE, AS THIS IS A SCAM THAT MAY PUT YOUR FUNDS AT RISK. DO NOT CLICK ON ANY LINK RELATED TO THIS WEBSITE AND IGNORE ALL PROMOTIONS, MESSAGES AND OFFERS THAT MAY DIRECT YOU TO THIS FRAUDULENT PAGE.
Continue reading: Kraken Security Labs detected a security vulnerability in Ledger hardware wallets