There was a flutter on Twitter overnight as the accounts of a number of high-profile people, including Barack Obama, Joe Biden, Kanye West, Elon Musk, Jeff Bezos and Bill Gates, were hacked. Tweets sent from these accounts asked people to send $1,000 worth of Bitcoins to a certain address (cryptoforhealth) and promised to send back $2,000 worth of Bitcoins, provided the funds were transferred within 30 minutes.

The tweets disguised the request as a fund-raising effort to fight the Covid-19 pandemic, making it more believable. The BBC reported that, according to publicly available blockchain records, the link displayed in the tweet received contributions totalling $100,000.

Vulnerability in Twitter

These kinds of hacks are not uncommon on Twitter, but the concerted attack in a limited period appears to be one of a kind, aimed at garnering as much money as possible in a short span of time. Twitterati are meanwhile up in arms, asking Twitter to explain itself.


In a series of tweets, Twitter explained its position:

“Our investigation is still ongoing but here is what we know so far.”

“We detected what we believe to be a coordinated social engineering attack by people who successfully targeted some of our employees with access to internal systems and tools.”

“We know they used this access to take control of many highly-visible (including verified) accounts and Tweet on their behalf. We are looking into what other malicious activity they may have conducted or information they may have accessed and will share more here as we have it.”

“Once we became aware of the incident, we immediately locked down the affected accounts and removed Tweets posted by the attackers.”

“We also limited functionality for a much larger group of accounts, like all verified accounts (even those with no evidence of being compromised), while we continue to fully investigate this.”

These actions may have caused problems for many Twitter users, who may have found their accounts temporarily locked. Twitter Support has also said that it will restore access to the original account holder only when it is certain that the account is secure.

With the investigations continuing, Twitter users are likely to witness further disruptions over the next few days.

Why Bitcoins?

The modus operandi of the scamsters involved people sending money into a Bitcoin account. This is quite ingenious for several reasons. One, transferring money across countries is easiest with crypto assets, since it does not involve any paperwork, central bank permission, and so on. Two, there is no limit on the sums that can be transferred through Bitcoins, unlike conventional money. Three, an audit trail is relatively difficult to establish in Bitcoins, compared to money transfers through conventional bank accounts.

This, therefore, appears to be a well-planned attack — one that should serve as a wake-up call to Twitter to tighten its internal controls.
