Nordic IT Security
Featuring: The Stay Secure Bulletin

Your weekly 2 minute must read

Unusual attack, common method!

Some high-profile social media accounts/IDs were hacked at the same time earlier this week by cyber criminals to spread a cryptocurrency scam. Some of them have millions of followers.

Author Saif Ahmed Bhuiyan | NITS DiGi, July 17, 2020

Big names such as Apple, Elon Musk and Joe Biden among others accounts were hacked. A message was posted from their accounts stating “All bitcoin sent to the address below will be sent back doubled”.

Although it is a very well known technique in regards to cryptocurrency scamming, however mystery was unsolved for hours after accounts were compromised.

After the initial attack, hackers targeted other big names such as Kim Kardashian West, Jeff Bezos, Bill Gates, Barack Obama, Wiz Khalifa, Warren Buffett, YouTuber MrBeast, Wendy’s, Uber, CashApp and Mike Bloomberg and they have also posted the same cryptocurrency scam.

Legendary investor Warren Buffet’s account was compromised as well, when he is a prominent and harsh critic of cryptocurrencies like bitcoin. Buffet told CNBC in February “I don’t have any cryptocurrency and I never will,”.

The cyber criminal took advantage of an internal admin tool to have access to these high-profile accounts. It was confirmed soon after the attack and it was confirmed by Twitter’s own account of what happened. While we are educating ourselves about the specifics of this hacking, it was mentioned that, “a coordinated social engineering attack” on employees gave a hacker “access to internal systems and tools.”

From Twitter

Unusual attack, common method!  

Cyber criminals often target accounts which have given away money or cryptocurrency which made the scam more credible. This wasn’t the first time a scam like this took place however the method was somewhat new which is making it difficult for defenders to handle. Although it seems like it was very simple to understand that it was a scam, however it worked just fine. The site used by hackers has already collected more than 12.5 bitcoin which ‘round $116,000 in USD and it’s increasing by the seconds.

According to a spokesperson mentioned that, “The security team is actively investigating the situation of this coordinated attack on the crypto industry.” Many other organizations were affected by the hackers and they did not promptly respond to the request for the comment.

It took time to be aware of the fact that how these accounts hack took place. According to Information Security researchers, the cyber criminals took full control over the defenders’ accounts, and also changed credentials associated with the accounts to make it more difficult for the original user to have access back.

It is known that Twitter is quite prompt to shut these accounts when such scams take place with big shots such as celebrities, politicians or public figures.

A Twitter spokesperson, when reached, said the company was “looking into” the matter but didn’t immediately comment.


Related Posts