The massive hack on Twitter that affected the verified official accounts of several important companies and entrepreneurs, and even the Twitter Support account itself, is causing a total stir within the social network.
Starting this Wednesday afternoon, the platform Twitter is suffering a massive hack of important accounts with millions of followers to promote a scam and strip users of their bitcoins. And although, fortunately, many have already posted publications warning the community of the scam so as not to fall into the trap, the truth is that the Bitcoin address illegally promoted already has 381 transactions and 12,85345191 BTC as of the date of this publication. This is 18 more transactions from people who are still sending their funds to this fraudulent address.
Among the hacked accounts are those of billionaires, tycoons and businessmen such as Bill Gates, Elon Musk, Jeff Bezos, Warren Buffett, Kanye West, Barack Obama, Joe Biden y Mike Bloomberg. In addition to the official accounts of important technology and cryptocurrency companies and companies such as Apple, Uber, Cash App, Gemini, Coinbase, Binance, Kucoin, CoinDesk, SatoshiLite, Tron Foundation, Bitcoin, Ripple y Bitfinex, among others. The current list amounts to more than 25 official accounts affected by the attack that were verified by the social network and had two-factor authentication (2FA).
Something that leads us to ask ourselves a big question How was this massive attack possible? Also What are hackers doing these days? Have the companies and research firms already discovered who or who are behind the attack? What does the crypto community think about it? Let's see.
It may interest you: Massive hack on Twitter: More than 20 accounts of important cryptocurrency companies and entrepreneurs were hacked
Investigations and hypotheses on the execution of the attack
Both Twitter's technical team and analysts from other companies and research firms are conducting studies to determine how hackers were able to carry out these attacks and control the accounts of several personalities and organizations simultaneously.
The first to point out evidence and formulate a possible hypothesis was the magazine VICE through a publication where it shows screenshots of one of the Twitter platform administration tools, which according to the magazine were provided by hackers. These screenshots, which by the way were published by several users and then deleted by Twitter because they considered that they revealed confidential information, show how several of the affected accounts were controlled by hackers.
For example, the screenshot of the official @binance account shows that the email address associated with this account was changed from the Twitter administration panel. And, to gain access to this control panel, the hackers had the help of an important employee of the platform, VICE reveals.
Direct contact with those responsible for the attack
According to the report, VICE was able to speak with four sources close to the hackers involved in this attack, who requested complete anonymity to be able to express themselves frankly about the events that occurred. First, one of them, presumed to be one of the hackers, pointed out that a Twitter representative was the one who literally did all the work for them, while another argued that they paid a top employee to provide them with access. to the platform and be able to take control of the accounts.
"We used a (Twitter) representative who literally did all the work for us."
The other two sources close to the attack indicated that in addition to changing the emails associated with the accounts, they also manipulated the linked phone numbers to take control of the desired accounts.
Jack Dorsey, CEO of Twitter, speaks out
According to a Twitter spokesperson, the platform's technical team is carrying out the relevant investigations to discover if one of its employees was involved in this hack, or if, in this case, it was the employee himself who took over the accounts to carry out carry out the scam and receive money. However, the platform's official position is that this was a very well-coordinated and executed social engineering attack, where several cybercriminals successfully targeted some of its employees with access to the platform.
For his part, the CEO of the platform, Jack Dorsey, said that the team of investigators will continue with their work until everything that happened is clarified, and announced that on behalf of the organization “We all don't feel very bad about what happened.”.
Likewise, among the immediate actions implemented by Twitter, after confirming the attack, is the blocking and temporary suspension of the affected accounts, although a few hours later the accounts were activated again. Twitter Support reported that these measures can be reimplemented if necessary, but that they are working to get the platform back to working correctly and normally in the shortest time possible.
Are Twitter hackers moving funds?
An ongoing investigation by Whitestream, a blockchain research and analysis firm reveals that the Bitcoin address used by hackers to receive funds had previously been used to send money through exchanges Coinbase y Bitpay.
Although it is not clear why the hackers used an old and well-known address to execute the attack, since this is easily traceable by the exchanges that also have the owner's identification; Whitestream investigations indicate that the transactions sent to said address are likely to be related to commercial use, something that may hinder the course of investigations.
What are affected companies and blockchain research firms doing?
Several of the companies affected by the Twitter hack have spoken out in relation to the attack through different networks. For example, the founder of Tron, Justin Sun, is offering a millionaire $1 million reward for those who manage to discover the people involved in this massive hack. Likewise, Sun claimed to be working together with Twitter teams to resolve this attack as soon as possible and find those responsible.
Likewise, several other companies such as Binance They are taking serious security measures to protect their accounts and assets, such as including the addresses involved in the attack on a blacklist so that none of their clients and users send money to them.
In reference to the fraudulent website “Crypto For Health”, investigations indicate that the domain was registered on the same day the attack on Twitter began. However, although the registered domain is not private, the residence address, owner's name, and phone number on the registration are fake, so the site was marked as a domain name. Phishing and it was closed from the internet.
The opinion of Twitter users and the crypto community
There is no doubt that after the hack of one of the largest social platforms on the internet, the cryptocurrencies, , Especially Bitcoin y Ripple, are becoming known to thousands or perhaps millions of people who have never heard of them before. It is estimated that the more than 25 affected accounts bring together an average of 136 billion people from around the world, so several in the crypto community consider that this event may have a certain positive effect for cryptocurrencies.
Even so, it is important to note that this is not a “crypto hack”, since none of the cryptocurrencies that the hackers illegally promoted in the messages published in these accounts were affected, nor were the funds of the exchanges or users that handle Bitcoin. , Ripple or another cryptocurrency. What happened with Twitter was a massive hack of the platform that made available to hackers the official accounts of several well-known personalities in different fields worldwide, and of several companies that provide technological and transportation services such as Uber, which they used to make Fake promotions in the name of those accounts to trick users into sending money to multiple addresses. Only people who believed what these publications said were the ones who sent funds to the promoted addresses.
For their part, experts in the crypto world such as Andreas Antonopoulos they tweeted that it was possible that the hack did not occur within the Twitter platform directly, but rather that another Twitter API publishing service was compromised.
Meanwhile, the Bit2Me News team continues to follow up on this news to keep the community informed of all the events related to this large-scale scam that Twitter users were victims of.
Continue reading: Bitcoin a solution for debanking
