It’s been at tough 24 hours for Twitter.
Yesterday, the verified Twitter accounts of a number of high-profile American celebrities and politicians were compromised as part of what seems to be both one of the largest crypto ‘giveaway’ scams in history, as well as the most high-profile Twitter hack ever.
The accounts that were hacked included those of celebrity entrepreneur and innovator Elon Musk, Microsoft founder Bill Gates, US presidential candidate Joe Biden, former US President Barack Obama, as well as a number of crypto companies, including Binance, Gemini, and Coinbase.
Also included were Amazon’s Jeff Bezos, former New York mayor Michael Bloomberg, rapper Kanye West, rideshare company Uber, tech giant Apple, celebrity mogul Kim Kardashian West, renowned investor Warren Buffett, and CashApp, among others; however, the hacker stopped short of co-opting the account of the big cheese himself, US President Donald Trump. Most, if not all, of the affected parties have released some kind of a statement condemning the hacks.
When they were compromised, however, each of the accounts posted a message that some iteration of the following: the posts start by saying that the individuals are feeling “generous”, or something similar, and promise that if users send their crypto to a certain address, their funds will be doubled and sent back to them.
(Of course, that’s not what really happened–victims will likely never see their funds again.)
Twitter said that while the exact mechanism that the attackers used to take advantage of the account has not yet been discovered, the platform has “detected what we believe to be a coordinated social engineering attack by people who successfully targeted some of our employees with access to internal systems and tools.”
Jack Dorsey, the platform’s chief executive, wrote that “we all feel terrible this happened. We’re diagnosing and will share everything we can when we have a more complete understanding of exactly what happened.”
Tough day for us at Twitter. We all feel terrible this happened.
We’re diagnosing and will share everything we can when we have a more complete understanding of exactly what happened.
💙 to our teammates working hard to make this right.
— jack (@jack) July 16, 2020
The incident has raised many questions shooting in many different directions: is Twitter’s security system really this susceptible to large-scale hacks? Who could have been behind these attacks?
And what does this mean for Bitcoin?
The spoils of the scam
These kinds of crypto “giveaway” scams seem to be the latest (and perhaps most prolific) flavor of cryptocurrency fraud. Indeed, earlier this week, Finance Magnates reported that the identities of an increasing number of high-profile cryptocurrency industry individuals were being co-opted for use in similar scams on Youtube.
These kinds of scams have had varying levels of success in the past; this time around, crypto AML and compliance firm Elliptic reported that three Bitcoin wallet accounts were used to receive a total of roughly 400 payments totaling $120,000. Some sources say that the amount of money could be as much as $300,000.
A summary of what we know so far about the money raised by the Twitter hackers:
Three bitcoin addresses were used, which together received around 400 payments. The total value of the bitcoin payments received is approximately $120,000.
— elliptic (@elliptic) July 16, 2020
Elliptic found that half of the payments originated from exchanges based in the United States, which likely indicates that roughly half of the scam’s victims are based in the US. The rest of them seem to be evenly spread throughout Asia and Europe.
Some Bitcoiners think that there’s no such thing as bad press; others disagree
For some in the cryptocurrency community, however, the biggest question does not seem to revolve around Twitter’s security–rather, some are asking a more financially-oriented question: is this good for Bitcoin?
— 🔱Aρε Oƒ Sαтσѕнι™ (@ApeOfSatoshi) July 15, 2020
There’s no question that the incident brought a lot of attention onto Bitcoin: the story of the hack has been reported in most major news outlets, at least in the western world–the BBC, the New York Times, Bloomberg News, and many others had stories with the words ‘Bitcoin’ or ‘crypto’ in their titles this morning.
Additionally, the term ‘Bitcoin’ began trending on Twitter shortly after the wave of tweets went out, as pointed out by Jameson Lopp, co-founder and chief technical officer of CasaHODL, on his own Twitter account.
The Startup Helping Real Estate Websites Achieve ADA ComplianceGo to article >>
This is good for Bitcoin 🙃 pic.twitter.com/RNMPokC9L1
— Jameson Lopp (@lopp) July 15, 2020
However, whether or not the attention that this Twitter incident has brought onto Bitcoin is good news or bad news for BTC seems to depend on whether one holds the belief that all publicity is good publicity–after all, Bitcoin is being talked about prolifically, even though it’s in connection with one of the most significant Twitter hacks in history.
I'm not sure if this will be good or bad🤷
1. (The Good) Millions of people will be seeing #bitcoin all over the news and twitter, which is free publicity🚀
2. (The Bad) People hear that bitcoin is used for scams, Also if the scammers manage to get a lot of $btc when sell ?🤷
— Simon Hayes (@Hayess5178) July 15, 2020
Bitcoin’s price seems to be unaffected (so far)
Bitcoin markets themselves don’t seem to have so much to say about the hack–at least, not yet.
The price of Bitcoin, which has been going through an unusually non-volatile price period for roughly two months, has not moved very much at all: at press time, BTC was marking a 0.80 percent decrease, and seemed to be quietly humming along the same, more-or-less flat trajectory that it has been moving along for the last eight weeks.
Additionally, while Bitcoin has made it into major news outlets in the past with regards to big price moves and major hacks, there isn’t a whole lot of precedent for this particular Twitter debacle–and while Bitcoin may be the currency of choice, the bigger issue seems to be focused on Twitter (and its security measures) itself.
After all–given the importance of the role that Twitter increasingly plays in global society–the fact that someone, or even a group of people, could gain access to so many important accounts is particularly shocking; some analysts agree that, if anything, the Bitcoin incident was a slap on the wrist.
”We all got very lucky that whoever was behind the Twitter hack today was not a very good criminal.”
Indeed, Sheera Frenkel, a cybersecurity reporter for the New York Times, wrote on Twitter that “basically, we all got very lucky that whoever was behind the Twitter hack today was not a very good criminal.”
“They had control of Twitter accounts for some of the world’s most powerful public figures, and used it to make… roughly $300,000?,” she said.
Basically, we all got very lucky that whoever was behind the Twitter hack today was not a very good criminal. They had control of Twitter accounts for some of the world’s most powerful public figures, and used it to make… roughly $300,000? https://t.co/TbszMb5YTn
— Sheera Frenkel (@sheeraf) July 16, 2020
Similarly, Tracy Alloway, a financial journalist at Bloomberg, invited readers of her Twitter account to “imagine taking all that time to hack into Twitter to run a Bitcoin scam when you could have wrought havoc in global financial markets by getting Biden to say he was dropping out, or get Warren Buffett to say he was liquidating, or Elon Musk to say he’s recalling the short shorts.”
Imagine taking all that time to hack into Twitter to run a Bitcoin scam when you could have wrought havoc in global financial markets by getting Biden to say he was dropping out, or get Warren Buffett to say he was liquidating, or Elon Musk to say he's recalling the short shorts.
— Tracy Alloway (@tracyalloway) July 16, 2020
In other words, the Bitcoin scam, though it did affect a number of Bitcoin users–and, demographically speaking, probably some of the most vulnerable ones, at that–was essentially a warning that let the world know that one of the most widely-used and widely read platforms for information sharing is imminently more hackable than it may have seemed in the past.
Sarah Frier, a social media reporter at Bloomberg, also pointed out via Twitter that while the Bitcoin posts may have certainly been the most visible part of the hack, they may not have been the only thing that the hackers did while they were in Twitter’s system.
“The biggest risk is that this Twitter hack wasn’t about a bitcoin scam at all, but about something we haven’t seen yet that could be much worse,” she wrote. “Hard to know everything the hackers did with their access but hope Twitter is able to find out definitively.”
The biggest risk is that this Twitter hack wasn’t about a bitcoin scam at all, but about something we haven’t seen yet that could be much worse. Hard to know everything the hackers did with their access but hope Twitter is able to find out definitively.
— Sarah Frier (@sarahfrier) July 16, 2020
Where’s the money now?
The coins have been on the move since they were deposited in the hacker’s digital coffers: as of 9:15 PM EST on July 15th, Elliptic reported that roughly half of the funds had been moved to other addresses, though there was no clear evidence that they had been moved to exchanges.
While there still aren’t any clear leads on who may have been behind the attack, one of the wallets that the stolen coins were sent to has been previously used to transact with cryptocurrency exchanges; Elliptic pointed out that “this could be an important lead for law enforcement investigators seeking to identify the hacker.”
“The situation is changing rapidly, but it doesn’t look like the hacker will receive significant additional payments. Their challenge now is to launder these funds – with the world watching them on the blockchain,” the firm wrote.
What are your thoughts on the ramifications of Twitter’s big Bitcoin hack? Let us know in the comments below.