Twitter accounts of both crypto exchange Binance and its founder Changpeng Zhao were hacked by an anonymous user, drawing attention to the security issues involved and how easy it would have been to implement a phishing scheme.
The social media accounts of at least six crypto exchanges and media outlets were also temporarily taken over by the same group of hackers on Wednesday afternoon. Outside the crypto domain, Bill Gates and Elon Musk had their Twitter accounts hijacked as well.
Except for Binance, the high-profile accounts have now been restored and fraudulent tweets were quickly deleted.
The hacker is seemingly trying to benefit from the successful attempt to gain control of the official handles to con Binance users, particularly with a cryptocurrency giveaway scam to an entity called CryptoForHealth.
Binance’s CEO warned Twitter users of the scam within a few minutes of the hack, but his warning was hidden and blocked by the hackers, and then his handle itself was hacked.
The incident is significant as Binance Jersey’s Twitter account had been hacked a few months ago by a white hat hacker. Binance, which leads the world in terms of trading volume, has also suffered form a scandal that saw a hacker leaking KYC documents.
While the hack appears to be spotted by Binance users, which may limit the scam fallout, the entire cryptocurrency community is on high alert as there were rumors that cryptocurrency exchange Kucoin, as wells as industry news outlet CoinDesk, have lost control of their Twitter handles.
The same hackers were also behind taking over the twitter accounts of crypto platforms Bitfinex, Gemini and Coinbase, as well as Tron CEO Justin Sun and Bitcoin.com, as their handles published the same message of “giving back 5000 BTC to the community”.
Rob Frasca Talks Ndau as an Adaptive Store of ValueGo to article >>
It seems like some Twitter API posting service has been compromised and being used to send out fake “giveaway” tweets from popular crypto/blockchain accounts. “CryptoForHealth” is a scam.
No way are all these accounts unprotected by strong passwords and TOTP 2FA
— Andreas ☮ 🌈 ⚛ ⚖ 🌐 📡 📖 📹 🔑 🛩 (@aantonop) July 15, 2020
Tesla CEO Elon Musk’s Twitter account posted the following message to his followers.
The same blockchain address also appeared in a similar tweet posted on Bill Gates’ Twitter account. The scam yielded thousands of dollars worth of Bitcoins so far as some followers sent donations to the BTC address as a tracking of the blockchain network shows.
Commentig on the news, Stuart Hoegner, General Counsel at Bitfinex said: “We abhor this attack on the bitcoin ecosystem and on free speech more generally. Bitfinex and Tether will do all they can to ensure that people are not robbed by fraudsters or otherwise compromised. As we always do, we will co-operate with valid law enforcement appeals to stop the damage and with any lawful request in the inevitable investigation to follow.” –
“Hackers recently took control of many highly-visible (including verified) Twitter accounts in a co-ordinated scam. Bitfinex was among those targeted by the hackers. We wish to reassure our customers that this incident did not affect customer accounts in any way and did not at all circumvent the robust security measures that we have in place.” added a spokesperson from Bitfinex.