Advertisement

Drudge Retort: The Other Side of the News
Thursday, July 16, 2020

A hacker allegedly behind a spate of Twitter account hacks on Wednesday gained access to a Twitter "admin" tool on the company's network that allowed them to hijack high-profile Twitter accounts to spread a cryptocurrency scam, according to a person with direct knowledge of the incident.

More

Alternate links: Google News | Twitter

[https://twitter.com/CNN/status/1283526504891256833]]

Comments

Admin's note: Participants in this discussion must follow the site's moderation policy. Profanity will be filtered. Abusive conduct is not allowed.

Here's what you do Joe. Put 1.6 billion Bitcoins on a pallet and it will go away, remember how that works Joe?

#1 | Posted by gracieamazed at 2020-07-15 06:54 PM | Reply

Is that anything like the 12 billion in palleted cash that vanished in Iraq?

#2 | Posted by ChiefTutMoses at 2020-07-15 07:00 PM | Reply

[...] literally doesn't know what she's posting about.

Go ahead and ask her.

#4 | Posted by ClownShack at 2020-07-15 07:30 PM | Reply

Twitter Hack Snags Obama, Biden, Gates Accounts in Bitcoin Scam
www.bloomberg.com

...The Twitter accounts of some of the U.S.'s most prominent political and business leaders, from Barack Obama and Joe Biden to Bill Gates and Warren Buffett, were hacked Wednesday afternoon in an apparent effort to promote a Bitcoin scam.

The attacks were stunning in scope and almost certainly coordinated. Others whose Twitter accounts appeared to be hacked included Jeff Bezos, Elon Musk, Kanye West, Uber Technologies Inc., Apple Inc. and Michael Bloomberg, the founder and majority owner of Bloomberg News parent Bloomberg LP. The accounts sent out tweets promising to double the money of anyone sending funds via Bitcoin within 30 minutes....




#5 | Posted by LampLighter at 2020-07-15 07:41 PM | Reply

This was a warning

#6 | Posted by GOnoles92 at 2020-07-15 07:44 PM | Reply

This was a warning

Share what you know.

#7 | Posted by ClownShack at 2020-07-15 07:51 PM | Reply

I don't know about a warning but I'd be willing to bet that with this many accounts it wasn't the accounts that were hacked but Twitter that was hacked.

#8 | Posted by TaoWarrior at 2020-07-15 08:18 PM | Reply

Share what you know. #7 | POSTED BY CLOWNSHACK

Imagine you had a 0day to get into Twitter's backend Admin space (as Tao mentioned). You use it to.. collect about $50,000 BTC/USD scammed from high profile, high visibility accounts?
Could have made tens of millions via admin access to Elon Musk's account alone if the masquerade was conducted during market hours. Similar to Elon's real tweet about "Taking TSLA private at $420." A tweet from Musk's account of "I am hereby resigning from TSLA to focus on ____." Would have been easy money.

This couldn't have been for the money because who in 2020 uses cryptocurrency but also is vulnerable to such an old style scam?

GRU (allegedly?) was monitoring Podesta's email for many months, quietly exfil'd his inbox's contents and then exited the space undetected, and everything was posted to Wikileaks.

I think this was a proof of concept of a vulnerability.
Best case would be if they mindlessly burned an ability to do an old scam/ it wasn't a 0day but only a masquerade of one Admin account; worst case is while in the backend, they established persistence and can revisit.

#9 | Posted by GOnoles92 at 2020-07-15 08:35 PM | Reply

#8&9 (As well as #5)

Very interesting. Actually. A lot more interesting of an article than I had believed.

Thank you for taking the time to explain it.

It's unfortunate the thread poster immediate tarnished the thread with post #1.

#10 | Posted by ClownShack at 2020-07-15 08:43 PM | Reply

Jeff Tiedrich
@itsJeffTiedrich

2h
if someone hacked our president's account and made it look like he was ------- moron, how could anyone tell?

#11 | Posted by reinheitsgebot at 2020-07-15 09:01 PM | Reply | Funny: 1

A bit of a deeper dive..

Apple, Biden, Musk and other high-profile Twitter accounts hacked in crypto scam
techcrunch.com

#12 | Posted by LampLighter at 2020-07-15 09:09 PM | Reply

Thank you for taking the time to explain it.

No problem, it was an interesting ~hour to have been on Twitter. The scammers operated with impunity, then Someone at the Twitter SOC must have hit the panic button and all verified accounts/blue check marks had their posting privileges silenced as they were put in quarantine, then they were slowly allowed back into obtaining retweeting/posting privileges after ~15 minutes.

I hope Twitter will be forthcoming with information from their investigation, but I doubt it.

#13 | Posted by GOnoles92 at 2020-07-15 09:09 PM | Reply

And the plot thickens...

Twitter Is Removing Images of Internal Tool Sources Say Enables Account Takeover
www.vice.com

#14 | Posted by LampLighter at 2020-07-15 09:11 PM | Reply

This is beginning to look not so good...

twitter.com

...Cameron Winklevoss
@winklevoss
ALL MAJOR CRYPTO TWITTER ACCOUNTS HAVE BEEN COMPROMISED.

2FA / strong password was used for @Gemini
account. We are investigating and hope to have more information shortly.

Tyler Winklevoss
@tylerwinklevoss
5h
WARNING: @Gemini's twitter account, along with a number of other crypto twitter accounts, has been hacked. This has resulted in @Gemini, @Coinbase, @Binance, and @Coindesk, tweeting about a scam partnership with CryptoForHealth. DO NOT CLICK THE LINK! These tweets are SCAMS.

4:08 PM Jul 15, 2020

#15 | Posted by LampLighter at 2020-07-15 09:19 PM | Reply

Twitter says hack of key staff led to celebrity, politician, biz account hijack mega-spree
www.theregister.com

...'Coordinated social engineering attack' paved the way for miscreants to tweet out Bitcoin scam to millions...

#16 | Posted by LampLighter at 2020-07-16 09:15 AM | Reply

Hackers Convinced Twitter Employee to Help Them Hijack Accounts
www.vice.com

...A Twitter insider was responsible for a wave of high profile account takeovers on Wednesday, according to leaked screenshots obtained by Motherboard and two sources who took over accounts....

"We used a rep that literally done all the work for us," one of the sources told Motherboard. The second source added they paid the Twitter insider. Motherboard granted the sources anonymity to speak candidly about a security incident. A Twitter spokesperson told Motherboard that the company is still investigating whether the employee hijacked the accounts themselves or gave hackers access to the tool....


#17 | Posted by LampLighter at 2020-07-16 11:45 AM | Reply

:-)

#18 | Posted by gracieamazed at 2020-07-16 12:39 PM | Reply

"What's that girl? Twitters down a well? Good girl. Let's go have dinner."

#19 | Posted by redlightrobot at 2020-07-16 09:45 PM | Reply

#17 | Posted by LampLighter

Interesting. Insider threats ARE some of the worst.

Twitter should have fixed their issues when the Saudi collaborators were discovered.

Security in general is only as good as its weakest link - people.

#20 | Posted by GalaxiePete at 2020-07-17 04:08 PM | Reply

Comments are closed for this entry.

Home | Breaking News | Comments | User Blogs | Stats | Back Page | RSS Feed | RSS Spec | DMCA Compliance | Privacy | Copyright 2020 World Readable

Drudge Retort