Twitter Bitcoin Hack 2020: What We Know So Far
At around 14:00 Central Time (Chicago) on July 15, 2020, several prominent Twitter accounts posted messages about Bitcoin. These messages appeared to suggest that the brands and individuals the accounts represented would be giving Bitcoin away to individuals in an effort to "give back to [the] community." Users were asked to send amounts of Bitcoin to a given Bitcoin wallet, at which point they'd return the Bitcoin at double the amount sent.
What happened here?
For a very confusing half-hour (or more), several major Twitter accounts had messages posted that indicated they'd double any amount of Bitcoin sent to a certain Bitcoin wallet – or through a sort of charity website that also seemed to link to a questionable Bitcoin wallet. At approximately 4:45 PM Central Time, Twitter Support began to go public with their response to the situation.
We are aware of a security incident impacting accounts on Twitter. We are investigating and taking steps to fix it. We will update everyone shortly.
— Support (@Support) July 15, 2020
There's a bit of a mislead in the news at the moment, where sources are suggesting that individual companies and celebrities were hacked. In reality, Twitter's confirmed that it wasn't said brands and celebrities that were hacked, it was a set of Twitter employees. And they weren't hacked, they were, as Twitter suggests, likely the target of a "coordinated social engineering attack."
We detected what we believe to be a coordinated social engineering attack by people who successfully targeted some of our employees with access to internal systems and tools.
— Support (@Support) July 16, 2020
This basically implies that malicious parties were able to gain access to the administration tools Twitter uses to edit their own website. As it seemed to be with the celebrity photo leak of 2016, it was more likely a matter of tricking humans into giving up their passwords than it was breaking in to Twitter accounts one-by-one.
"Internally, we've taken significant steps to limit access to internal systems and tools while our investigation is ongoing," wrote Twitter Support. "More updates to come as our investigation continues."
How much money did the hackers get?
Where did the money go, and how much did they make? The Bitcoin wallet posted to each of the major Twitter accounts on the 15th of July, 2020 started receiving deposits at approximately 2PM Central Time. By about 4PM, people had sent over $56.5 million dollars (USD) worth of Bitcoin to the Bitcoin wallet in question. As of 11AM on July 16, said Bitcoin wallet had $133 USD worth of Bitcoin left.
Since the start of the attack (until now, just before noon on July 16, 2020), the Bitcoin wallet in question transferred out 12.85345191 BTC. Converted to USD right this minute, that means the hackers made away with over $117-thousand dollars.
Where did all that money go?
Tracing Bitcoin transactions associated with the Bitcoin wallet in question we see several large amounts sent to different addresses throughout the day, moved in and out of wallets that have only a pair of transactions (one in, one out), eventually reaching wallets associated with "Dark Web", Onion addresses, and the like. Basically the money disappears into the ether.
Who was targeted?
The following Twitter accounts were targeted in this attack. While other accounts may have been targeted, this list includes all well known and "verified" accounts that we've confirmed did, indeed, post a Tweet associated with the incident.
• Coinbase
• CoinDesk
• Binance
• Elon Musk
• Barack Obama
• Joe Biden
• Bill Gates
• Jeff Bezos
• Michael Bloomberg
• Warren Buffet
• Floyd Mayweather
• Kim Kardashian
• Kanye West
• Apple
• Uber
• Cash App
If you know of any other Twitter accounts that fell victim to the attack on the 15th of July, 2020, let us know! What's more interesting about this list than the people and brands on it is... those major names and labels that are curiously absent. Can you think of any major brands or names that would seem to have been an obvious target for this campaign but... for whatever reason, did not appear?