A massive back-end attack paralyzed Twitter yesterday, and it brought in a major payday for the hacker.
A hacker managed to take control of several prominent public figures’ Twitter accounts yesterday. The hacker used the opportunity to perpetuate a massive cryptocurrency scam. The hack affected a litany of powerful influencers. Some of them include former President Barack Obama, Presidential hopeful Joe Biden, former Microsoft CEO Bill Gates, and many more. Once in control, the posted tweets asking followers to send bitcoin to a particular address. The hacker told them they would earn back double whatever they sent. Here’s an example of one of the scam tweets posted to President Obama’s Twitter:
“I‘m feeling generous because of Covid-19. I’ll double any BTC payment sent to my BTC address for the next hour. Good luck, and stay safe out there!”
The post also listed a bitcoin wallet where users should send their funds. An investigation into blockchain records for that particular address found that the scam yielded over dozens of responses. It had a total haul of over 12.8 bitcoin. At today’s market rate, that’s the equivalent of roughly $116,000.
Twitter Takes Action
Chaos erupts on Twitter after hackers target the likes of Obama and Elon Musk as part of a scam https://t.co/a4oBVK5L7j
— indy100 (@indy100) July 16, 2020
Twitter scrambled to respond to the scam, and most of the posts came down relatively quickly. Initially, the posts told users to go to a URL for a website where ‘donations’ are accepted. However, the domain registrar that hosted the site, Namesilo, quickly pulled it offline once it got wind of the attack. After the site was taken down, scammers shifted to posting the wallet address. This proved to be a very successful technique, given their $100,00-plus haul.
By the time it ended, Twitter had to silence all of its verified accounts while it figured out the problem. The company released a statement explaining, “We’re continuing to limit the ability to Tweet, reset your password, and some other account functionalities while we look into this. Thanks for your patience.” By Wednesday evening, the company announced that it had restored most accounts to full functionality but warned that features may “come and go” while it works on a fix. Early investigations indicate that the hacker launched the attack using an internal tool on Twitter’s network.
An inside source who was directly involved in the scheme told TechCrunch that the hack was orchestrated by a hacker who goes by the handle “Kirk”. ‘Kirk’ managed to take control of Twitter’s internal admin tool and use it to hijack the popular twitter accounts. Once in control, the hacker also changed the account email addresses, making it more difficult for the owners to regain control.
Admin Tool Revealed
The inside source shared a screenshot of the admin tool with TechCrunch, Twitter is eager to keep this information quiet. There are reports that the company is removing tweets and suspending users who post screenshots of the tool. Twitter employees can use this tool to take over user accounts, change account settings, and even suspend users entirely. The unnamed source wouldn’t provide specific details on how Kirk gained control of the tool.
It’s somewhat concerning that notoriously left-leaning Twitter employees have the capability to take over prominent accounts, which could include the President of the United States. This story still has a lot of unanswered questions, but CEO Jack Dorsey’s allies in the left and the mainstream media will likely move the story to the back burner in quick fashion.
The hack was a major embarrassment for Twitter and CEO Jack Dorsey, but many conservatives were happy to see Dorsey with some egg on his face. The company has a long history of disproportionately silencing conservatives voices. It has also made several efforts to undermine President Trump’s reelection efforts. Hopefully, investigators will see this story through to its end and Twitter will get its comeuppance for manipulating the court of public opinion.