Updated 07-16-2020 to include information gained by Vice’s Motherboard
Twitter suffered what appeared to be a major breach midway through the day today when dozens of high-profile accounts, ranging from former president Barack Obama to Apple, were compromised in an attempt to peddle a bitcoin scam. Many of these accounts were protected using multi-factor authentication, indicating the attacker either had an inside connection at Twitter or exploited a vulnerability in the platform or a connected app.
Vice’s Motherboard appears to have confirmed through several sources that the attackers gained access to an internal administrative control panel by paying a Twitter employee. If this is indeed the case, it makes this incident the most prominent example of insider threats in recent history.
Most of the compromised accounts showed a similar message, promising to double any Bitcoin sent to a wallet address posted in the message. One of the wallets associated with the scam has so far received over $100,000 in Bitcoin today alone, indicating the attackers have been enjoying success. At around the same time as the compromises targeting major individuals and corporate accounts, nearly every cryptocurrency-related Twitter account posted a similar scam advertising a fictitious fund called CryptoForHealth.
At this time, Twitter has not confirmed how the cybercriminals managed to compromise so many accounts. Twitter has remained quiet so far, telling press only that they are “looking into” the issue. So far, all of the compromised accounts were relatively high-profile individuals and companies. That said, you should still monitor your account for any unauthorized access or posts until Twitter publicly discloses the cause of the breach.
Associated Bitcoin wallets and funds received (updated: 16:27 PDT 07-15-2020)
| Address | BTC Received | USD Amount |