October 24, 2020

Gates, Musk, Others Hacked in Comprehensive Twitter Attack

Normally, managing to hack just one celebrity, CEO, or tech industry titan would be something...

Normally, managing to hack just one celebrity, CEO, or tech industry titan would be something of an event. On Wednesday, however, dozens of famous individuals began tweeting out the same Bitcoin scam.

Oh yeah. They also hit Twitter support itself.

This attack is not believed to be a case of single-account penetration or stupid password usage. Celebrities were hit in quick succession, including:

Apple, Barack Obama, Bill Gates, Binance, Bitcoin, CashApp, Charlee Lee, Coinbase, Coindesk, CZ_Binance, Elon Musk, Gate.io, Gemini, Jeff Bezos, Joe Biden, Justin Sun, Kim Kardashian-West, Kucoin, Mike Bloomberg, MrBeast (YouTuber), Tron, Warren Buffet, Wendy’s, Wiz Khalifa, and Uber.

This should not be assumed to be an exhaustive list; it’s just what’s publicly available at the time of writing. I have no doubt we’ll hear about other people being targeted as time goes on.

Right now, the current thinking is that there’s only way for hackers to have pulled off this kind of targeted attack so quickly: They gained employee-level backend access to the service and to some of the tools Twitter uses for customer service.

Twitter’s comments to date have been terse, at best:

Unfortunately, it appears that some people did fall for the scam. Blockchain shows that multiple individuals have sent money to the scam address, with ~$115,000 collected as of this writing.

Right now, a number of affected individuals are reporting they cannot log into their accounts or change their passwords. Twitter itself has confirmed that users may be unable to Tweet or reset your password while they review the situation. Multiple users have reported that their email addresses were changed as part of the hack, making it effectively impossible for them to recover their accounts.

Twitter will undoubtedly restore the service and the accounts of impacted individuals, but there’s no way for the company to restore the BTC of the people who fell for this. ExtremeTech recommends carefully evaluating any “too good to be true” news seen on Twitter or any other website. If Bill Gates or Elon Musk had promised to give away large cryptocurrency stashes, it would be front-page news at sites such as ExtremeTech within short order. While such an announcement would be news no matter what, the number of people facing difficult financial straits in the next few months means any billionaire actually willing to give away wealth in such a fashion would be doing a good deal of good.

News of this nature should be treated as automatically false in all circumstances unless confirmed by multiple independent press outlets, at least one of whom should have a formal, on-the-record quote. Let me be clear: I don’t expect any giant BTC giveaway from anywhere, to anyone, but if such a thing were going to happen, we’d talk about it.

As of 8 PM on Wednesday, Twitter has not published any details on the attack, how it was carried out, or what personal information was compromised.

Now Read:

Source link