A number of high-profile cryptocurrency Twitter accounts were simultaneously hacked on Wednesday by attackers who used the accounts — some with millions of followers — to spread cryptocurrency scams.
@bitcoin, @ripple, @coindesk, @coinbase, and @binance were among the accounts hacked with the same message: “We have partnered with CryptoForHealth and are giving back 5000 BTC to the community,” followed by a link to a website, which we are not linking to.
Some of the accounts were quickly back under their owners’ control and the tweets were quickly deleted. At the time of writing, both @binance and @bitcoin still had a tweet promoting the scam.
The scam website was quickly flagged by Cloudflare as a phishing site, but was still accessible when clicked through.
Many other accounts were quickly hijacked, including @elonmusk, which later simply directed users to send bitcoin to a certain address under the guise that he will “double any payment” — a known scam technique.
A spokesperson for Binance told TechCrunch: “The security team is actively investigating the situation of this coordinated attack on the crypto industry.”
It’s not immediately known how the account hacks happened. Security researchers found that the attackers had fully taken over the victims’ accounts, and also changed the email address associated with the account to make it harder for the real user to regain access.
A Twitter spokesperson, when reached, said the company was “looking into” the matter, but didn’t immediately comment.
These kinds of scams are common. Scammers take over high-profile Twitter accounts using breached or leaked passwords and post messages that encourage users to post cryptocurrency funds to a particular address or wallet under the guise that they’ll double their “investment.” In reality, it’s simple theft.
Scammers frequently reply to high-profile accounts, like celebrities and public figures, to hijack the conversation and hoodwink unsuspecting victims. Twitter typically shuts these accounts down pretty fast.
It’s a scam that works. By the time of writing, the blockchain address used on the scam site had already collected 2.8 bitcoin — some $25,700 in today’s currency — and it’s going up by the minute.