Twitter has been all over the news again and this time, thankfully, it’s not because President Trump has said something he shouldn’t.
Several high-profile US Twitter accounts, including those of Elon Musk, Barack Obama, Kanye & Kim, Bill Gates, Jeff Bezos and tech giants Apple and Uber, were compromised on Wednesday. Multiple tweets were posted from the hacked accounts, reaching countless millions of followers, as part of what appears to be a Bitcoin scam on an unprecedented scale.
The malicious tweets all shared the same message: send any amount of Bitcoin to a certain address, and it will be doubled and sent back. Needless to say, it is not genuine, and we don't recommend that you part with your hard-earned cash.
It's not the first time that a social media giant (or even this social media giant) has suffered a serious cyberattack, and it's not the first time that we have seen these "double your Bitcoin" scams. However, the sheer scale of this incident, which appears to have started on cryptocurrency-related accounts such as CoinDesk and Coinbase before moving onto several of the most-followed accounts on Twitter, sets this attack apart as one of the most significant social media security breaches to date. In the short time that the tweets were active, at least £80,000 worth of Bitcoin appears to have been transferred to the perpetrators' wallets.
This is a devastating blow on a number of fronts: for the victims, who are unlikely to ever see their money again; for Twitter, whose co-founder Jack Dorsey tweeted that they "all feel terrible this happened" (a sentiment which may not carry much weight if the data protection authorities find shortcomings in their security measures); and even for the future of Bitcoin and other cryptocurrencies, which have struggled over the past 10 years to leave behind the negative connotations born out of Bitcoin's widespread use in criminal activity (thanks to it being incredibly difficult to trace those involved).
A tweet by the official Twitter Support account indicates the company believes this to have been a sophisticated social engineering attack, meaning the attackers targeted Twitter employees to obtain the credentials they use to access Twitter's internal systems, rather than attempting to breach those systems directly. Social engineering remains one of the most dangerous forms of cyber attack: as security technology advances, hackers need increasingly sophisticated technical means to breach secure IT systems, and so the weakest link inevitably becomes the human beings who have genuine authority to access those systems.
Whilst the perpetrators haven't yet been identified, the BBC reported that the website to which some of the malicious tweets directed users (cryptoforhealth.com) is associated with email address "email@example.com" and the name "Anthony Elias" (likely a play on "an alias"). On Instagram, user "cryptoforhealth" appeared to claim responsibility for the attack and stated "It was a charity attack. Your money will find its way to the right place".
Whether greed was the motivator or we're dealing with a wannabe modern-day Robin Hood, many consider it lucky that this attack focussed on money. The impact of an attack on this scale could have been significantly greater had its purpose been, for example, to interfere with elections or voting systems. Either way, this serves as another reminder that cybersecurity is increasingly important for all businesses, and that it needs to be continually monitored to stay on top of evolving threats.
A robust cybersecurity programme is as much about managing people and processes as it is about managing technology. If you're a business owner, IT manager or otherwise invested in the security of your organisation, get in touch to see how we can help: Brabners' cybersecurity team can provide practical, commercially-minded guidance on the steps that you should be taking, as well as legal advice on your responsibilities when it comes to IT and data security.
An unprecedented 'smash and grab'