back to article Twitter admits 130 A-lister accounts compromised to promote Bitcoin scam after 'social engineering' attack

Twitter has said that around 130 accounts were targeted by miscreants this week as high-profile individuals and businesses had their accounts hijacked to promote a Bitcoin scam. The estimate comes days after the social media biz admitted the blitz – which snared the accounts of Bill Gates, Elon Musk, Jeff Bezos, Apple, Uber …

  1. AndrueC Silver badge
    Facepalm

    'The Bitcoin address in question has received almost $118,000'

    A fool and their money...

    Having seen some of the sample Tweets I'm saddened that anyone fell for it but not hugely surprised.

    1. Charlie Clark Silver badge

      Complete this sentence: Twitter is for tw*ts.

      1. MatthewSt Bronze badge

        Bitcoin is for bats?

    2. Anonymous Coward
      Anonymous Coward

      @AndrueC - Every five minutes a sucker is

      logging in to his Twitter account.

  2. Mr Sceptical
    Holmes

    Follow the money?

    Any guesses on which country the currency is extracted through?

    1. Version 1.0 Silver badge
      Holmes

      Re: Follow the money?

      The only country scamming for money is North Korea and they are very good at it - which is odd because this scam wasn't that efficient. Rather than tracking the total amount, how many transactions were there and when did they take place?

      But when a scam like this happens all we know is what happens, knowing who's behind it is just guesswork.

      1. Charlie Clark Silver badge

        Re: Follow the money?

        Doesn't have to be a country and who knows if pushing the scam was all the were interested in?

        But, as long as it's just Twitter, who really cares?

    2. Velv Silver badge
      Big Brother

      Re: Follow the money?

      I wouldn't put it past the US authorities to conduct such a high profile attack, it gives them fodder when they demand more rights.

      "See, if only we had back doors we could trace where these terrible hackers were and put them in jail for 300 years"

  3. Anonymous Coward
    Anonymous Coward

    A foolish move

    Never harm people who have the influence to turn the FBI onto you hard and the money to use other means to hurt you if you are beyond the FBIs direct reach

    1. BillG
      Devil

      Re: A foolish move

      This reminds me of a line from the TV show Law & Order, "Never attack people with virtually unlimited money, for they can afford to be vindictive and indulge their whims."

      1. X5-332960073452
        Megaphone

        Re: A foolish move

        Vinod Khosla

  4. vistisen

    What I want to know is whose account raised the most money? Who has the stupidist followers? While I'm sure that some of the people who were fooled by this rather obvious SCAM are desperately trying to make ends meet, and I feel sorry for them. But for all the others, you lost what you deserve for being so greedy and stupid. Why on earth would people like Bill Gates and Obama want to send you bitcoins? You should have sent your money to me. I really will send it back doubled… Honest!

    1. Dave 126 Silver badge

      > What I want to know is whose account raised the most money?

      I don't believe there is any way of ascertaining that, though my understanding of bitcoin is limited.

  5. Dave 126 Silver badge

    Not very ambitious?

    Just over 100,000 dollars seems like a small haul compared to what could have been made by using the fake tweets to manipulate the stock market... ...though I guess it would be easier to trace people who made suspicious trades just before the fake tweets.

    1. Claptrap314 Silver badge

      Re: Not very ambitious?

      My understanding is that the blatant insider trade at the start of the 2008 mortgage collapse was never traced. I don't know any more than that.

    2. Velv Silver badge
      Holmes

      Re: Not very ambitious?

      "...made suspicious trades just before the fake tweets"

      A well planned attack would have traded weeks before the attack tweets. Just proves these were not sophisticated crooks.

  6. 2+2=5 Silver badge
    Facepalm

    Your passwords are safe - phew!

    > Today, the Twitter support account said it had no evidence that attackers accessed passwords.

    So, Twitter accounts themselves weren't compromised but there was social engineering. Which means the attackers compromised Twitter admin accounts and then sent out those scam tweets. Let that just sink in for a moment: Twitter staff can send tweets from anyone's account as if the account owner had sent them.

    Why is that even a function in the system? Suspend an account: yep. Delete a tweet: yep. Delete an account: yep. But impersonate a user?

    Perhaps it's not that kind of breach at all. Maybe the attackers social-engineered access to the 'fake twitter accounts department' - the one that is used to pretend to advertisers that there are 100m active users every second of the day.

    1. Phil Koenig

      Re: Your passwords are safe - phew!

      The attackers apparently did 2 things on the targeted accounts with the admin creds they gained access to (apparently via social engineering), which are standard admin tasks:

      1) Disabled 2FA if enabled

      2) Reset the associated email account to an account under their control

      Once they had control of the linked email accounts (and with 2FA disabled) they could send password reset requests and at that point they effectively owned the accounts.

      None of that discounts the fact that Twitter is incompetent here - in fact I think they are grossly incompetent.

      And this also highlights the folly of making access to a particular email address a critical part of any account's so-called "security".

      It's not much better than your bank giving someone else access to your account if they are wearing the same brand of shoes you wear.

    2. John Brown (no body) Silver badge
      Thumb Down

      Re: Your passwords are safe - phew!

      "Twitter staff can send tweets from anyone's account as if the account owner had sent them."

      Did you read the article? It seems more like the red veil of rage descended before you got to the end then came here to vent.

      1. 2+2=5 Silver badge

        Re: Your passwords are safe - phew!

        @John Brown -- I refer you to this paragraph, my emphasis:

        It appears the hijackers were able to, directly or indirectly, access an internal Twitter control panel disable multi-factor authentication on the popular accounts and change their email addresses, at least in some cases, allowing passwords to be reset and profiles taken over.

        So some of the accounts had fake Tweets sent because the owner's email had been compromised. What mechanism do you suggest was used to send fake Tweets from the other affected accounts?

        1. John Brown (no body) Silver badge

          Re: Your passwords are safe - phew!

          I think your moniker is appropriate in this case. The paragraph you quote explains how an account can be hijacked. That's not quite the same as Twitter staff being able to send a Tweet as anyone whenever they feel like it, nor does it state anywhere that the customers email accounts were hijacked. It quite clearly states that anyone with access to the control panel can CHANGE the users notification email address AND turn off 2FA, thus allowing said person to then change the Twitter account password. The ONLY account compromised is the Twitter account and it can't be put back "as it was", hiding the tracks of the hijacker so no, Twitter staff can't just pretend to be any account holder at a whim.

          1. 2+2=5 Silver badge

            Re: Your passwords are safe - phew!

            @JohnBrown

            Repeating your previous explanation won't change the fact that it only explains how some of the accounts were subverted. You might not like my idea but you've not put up an alternative.

  7. MrDamage

    Grand Exchange Doublers

    Anyone who has played more than 30 minutes of Runescape would have known not not fall for this.

    1. Qumefox

      Re: Grand Exchange Doublers

      And the ISK doublers in EVE online, and probably any other game that has trade-able currency.

  8. quartzz

    so Twitter's had it's front door blown wide open... :cowboy emoticon:. is anyone else starting to get generally fed up of social media? bad (shadow) censorship, bad/impossible to police. & so on. "the first 5 years were ok"

    1. werdsmith Silver badge

      Social media is a net negative and the worst effect of it is yet to be discovered,.

  9. Efer Brick

    The real money

    Made shorting Twitter stock?

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Biting the hand that feeds IT © 1998–2020