This hacker pulled off quite a heist at Twitter recently

He (or she) gained access to a Twitter Admin account and used that access to rapidly take control of a number of high-profile Twitter accounts.

Once the hackers gained control of these accounts, they began using them to lure unsuspecting victims into sending them small amounts of bitcoin and other cryptocurrencies.

This was done with the promise of doubling their investment in a very short time. The scam was successful, and the unknown hacker collected more than $100,000 in cryptocurrency.

The accounts hacked included:

  • @Apple
  • @Bitcoin
  • @BarackObama
  • @JeffBezos
  • @JoeBiden
  • @elon_musk
  • @BillGates
  • @WarrenBuffet
  • @uber
  • @kanyewest
  • @wizkhalifa
  • @coinbase
  • @Ripple
  • @Gemini
  • @binance
  • @justinsuntron
  • @Tronfoundation
  • @SatoshiLite
  • And more

For Twitter's part, they detected the unusual account activity quickly and shut it down, locking the impacted accounts and resetting their passwords. Some three hours after the attack began, Twitter reported that functionality had been fully restored to all impacted accounts.

The official announcement from Twitter reads:

"We detected what we believe to be a coordinated social engineering attack by people who successfully targeted some of our employees with access to internal systems and tools."

"We know they used this access to take control of many highly-visible (including verified) accounts and tweet on their behalf. We're looking into what other malicious activity they may have conducted or information they may have accessed and will share more here as we have it."

"Internally, we've taken significant steps to limit access to internal systems and tools while our investigation is ongoing. More updates to come as our investigation continues."

There is some speculation that the attack may have been an inside job, but Twitter has so far neither confirmed nor denied that. There is at least some cause for concern here. Current and former Twitter employees have, in the past, been charged with using Twitter's internal systems to illegally collect information on users, including email addresses, IP addresses, and dates of birth.

Our perspective

Time will tell. In the meantime, don't be taken in by similar-sounding scams asking for small bitcoin or other cryptocurrency "investments" with the promise of spectacular, near-instant returns.

~ As Hill Street Blues' Sgt. Esterhaus always advised: "Hey, let's be careful out there!" ~

By Denis Wilson and Melissa Stockwell


Cybersecurity Expert, Small Business Technology Consultant, Managed Services Provider, Managed IT Support

I'm Denis Wilson, President and Principal Consultant for DWP Information Architects. We build people / process / technology solutions to create better business outcomes for smaller enterprises in Los Angeles. We have created cost-effective office productivity and out-sourced service solutions for over 20 years, focusing principally on manufacturing and healthcare. Our hallmarks are reliability, cybersecurity, and regulatory compliance.

I am also a published author and speaker, working extensively with business and professional associations to provide small business technology education programs.
