Twitter bitcoin hack explained: What are cryptocurrency scams and how did site become haven for them?

The scale of the attack was unprecedented but experts warn it could have been much worse

Anthony Cuthbertson
Thursday 16 July 2020 14:46 BST
Comments
Twitter suffered the 'biggest security breach in its history' on 15 July, 2020.
Twitter suffered the 'biggest security breach in its history' on 15 July, 2020. (Getty Images)

Your support helps us to tell the story

From reproductive rights to climate change to Big Tech, The Independent is on the ground when the story is developing. Whether it's investigating the financials of Elon Musk's pro-Trump PAC or producing our latest documentary, 'The A Word', which shines a light on the American women fighting for reproductive rights, we know how important it is to parse out the facts from the messaging.

At such a critical moment in US history, we need reporters on the ground. Your donation allows us to keep sending journalists to speak to both sides of the story.

The Independent is trusted by Americans across the entire political spectrum. And unlike many other quality news outlets, we choose not to lock Americans out of our reporting and analysis with paywalls. We believe quality journalism should be available to everyone, paid for by those who can afford it.

Your support makes all the difference.

Twitter has suffered the "biggest security breach in its history", according to one cyber crime expert, but it is just the latest in a years-long campaign by criminals to scam people on the platform through the ruse of bitcoin giveaways.

Among those targeted in Wednesday's attack was billionaire entrepreneur Elon Musk, who has consistently raised concerns about the "dire problem" of cryptocurrency scams.

Typically, the scams involve fake accounts posing as high-profile Twitter users like Musk in order to hold giveaways. They request Twitter users send cryptocurrency to a digital address in order to receive a greater amount in return.

Once the money is sent, it is nearly impossible for the victims to recover their funds due to the semi-anonymous nature of bitcoin making it difficult to trace the perpetrators.

Analysis by The Independent in 2018 uncovered hundreds of transactions sent to cryptocurrency scammers operating on Twitter, resulting in thousands of dollars worth of losses for victims.

Twitter said at the time that it was cracking down on cryptocurrency scams, claiming it had developed new tools to detect "spammy and malicious" activity.

But scammers continued to proliferate on the platform, changing their username and profile pictures to match those of high-profile accounts in order to trick people.

The site's rules state that impersonating another individual for the purpose of deceiving its users is a violation of its terms of service, and will result in an account being suspended. Simply suspending an account does not solve the problem, as it is a relatively quick and simple process to set up a new account.

Following a spate of impersonations of his account earlier this year, Mr Musk tweeted: "The crypto scam level on Twitter is reaching new levels. This is not cool."

The latest attack was another level still, as rather than simply impersonate Musk and other major accounts, the scammers were actually able to hijack their accounts.

A bitcoin address used in the attacks received more than 350 payments, which totalled around £95,000, before Twitter took action to take the posts down and return the accounts to their owners.

Twitter described the attack as a "coordinated social engineering attack by people who successfully targeted some of our employees with access to internal systems and tools."

In a series of tweets the social media giant stated once again that it has "taken significant steps" to prevent such an attack from taking place again.

One of these measures appears to be banning bitcoin addresses from being posted on its platform, however people have already figured out workarounds.

While bitcoin scammers may no longer be able to post their digital addresses in a tweet, they are still able to tweet a screenshot of their bitcoin address, or even post their address by adding a single dot in the middle of the address.

Cryptocurrency scams will likely continue for as long as such methods are possible, though security experts say the biggest concern raised by the latest incident is not the scam itself but how the attack was carried out.

"This was the biggest security breach in Twitter's history, but ordinary users were not affected by it at all - unless they fell for the scams posted by the hacked celebrities," Mikko Hypponen, chief research officer at cyber security firm F-Secure, wrote in an emailed comment.

"In the end, this could have been much worse... The attack could have done far worse things than to scam bitcoins out of people; the attackers had access to everything. They could have done anything on Twitter. They could have started tweeting weird things in the names of the US Presidential candidates during the voting this November, for example."

Join our commenting forum

Join thought-provoking conversations, follow other Independent readers and see their replies

Comments

Thank you for registering

Please refresh the page or navigate to another page on the site to be automatically logged inPlease refresh your browser to be logged in