By Kyle Fedorek

2020 has been one heck of a year, from COVID-19 to real-world issues and the presidential debate. It seems that just when you think it can't get any crazier or weirder, the world throws something back in your face. As of this writing, some major accounts are still being taken over and tweeting a purported bitcoin scam. Twitter has not released much, except to acknowledge a security incident and say that it is investigating.

Twitter Support account acknowledging hack.

Many high-profile accounts, such as Elon Musk, Joe Biden, Obama, Kanye and more, were hacked to help support the scam. The scammer’s website was quickly pulled offline. Kristaps Ronka, chief executive of Namesilo, the domain registrar used by the scammers, told TechCrunch that the company suspended the domain “on the first report” it received. Some of the accounts were quickly back under their owners’ control and the tweets were quickly deleted, though at the time of writing both Binance and Bitcoin still had a tweet promoting the scam. @apple also had its account hacked to push the same scam, as did Amazon co-founder @jeffbezos and @billgates, whose account was briefly hacked with the same message, though the tweet was quickly deleted.

It is unlikely that each entity or individual was individually targeted and compromised. This falls totally on Twitter. One account holder we saw get hacked and then regain control stated that he had 2FA enabled, and the Winklevoss twins, who own the Gemini cryptocurrency exchange, also tweeted. It seems someone got greater access to Twitter and was able to reset passwords or bypass multi-factor and two-factor authentication completely. There is rumor and speculation that a Twitter employee was targeted and possibly phished. This employee had access to the Twitter user management panel. This would make sense given the ease with which so many verified accounts were briefly taken over and the fact that 2FA/MFA was bypassed.

One of the Winklevoss brothers tweets about the apparent ongoing scam and Twitter hack.

Many major cryptocurrency exchanges seem to have fallen victim to the scam as well. Oddly enough, it also seems that only prominent Democratic leaders, and even presidential candidate Joe Biden, were affected. The list also includes Barack Obama and Alexandria Ocasio-Cortez. Who is behind the hack is unknown. Russia and North Korea have always had a sinister side when it comes to attacking crypto-related services. There have been a couple of major cryptocurrency exchange hacks linked to North Korean nation-state hackers in the past few years. They are also keen on running major bitcoin scams and laundering money through cryptocurrency.

It’s not immediately known how the account hacks took place. Security researchers, however, found that the attackers had fully taken over the victims’ accounts, and also changed the email address associated with the account to make it harder for the real user to regain access.

Scammers frequently reply to high-profile accounts, like celebrities and public figures, to hijack the conversation and hoodwink unsuspecting victims. Twitter typically shuts these accounts down pretty fast.

A Twitter spokesperson, when reached, said the company was “looking into” the matter but didn’t immediately comment.

As of this writing, just one of the addresses has already received almost $125,000 in BTC payments.

Amount of BTC payments the scammers have received to one address.

Shares of Twitter also fell as much as 3% in after-hours trading. In my professional opinion, it seems Twitter really dropped the ball on this one. Unfortunately, sometimes you can be well prepared and have the best security in place and still fall victim to these types of things. This hack will definitely go down in the books, and it is just another notch on the belt of crazy stories for the year 2020.

UPDATE: List of domains associated with the hackers and ongoing scam.