This Twitter hack will go down in the history books as one of the most incredible attacks in internet history. Not because of the size of the bounty – 12.86 Bitcoin so far. But rather due to the seriousness of the security breach and how gullible some people out there can be.
Make no mistake about it. This was a hack against Twitter. But the victims of the subsequent scam were all Bitcoin holders, extremely naïve Bitcoin holders.
Anatomy of the Twitter Hack
At around 3:30 pm Eastern Time, we got the first indication of an attack against crypto accounts on Twitter. The first hacked account we noticed was Binance. At that point it would have been easy to blame Binance for neglecting their security, but this hack turned out to be much deeper than that:
- The attacker hacked multiple crypto Twitter accounts, such as Gemini and Coinbase among others
- Then, the hacker took control over more prominent, non-crypto accounts including President Obama’s account, Elon Musk’s and even Jeff Bezos’ account
- Gaining access to these accounts was only the first part of the attack
- The hacker quickly used access to these Twitter feeds to spread a scam that netted them over 12 BTC
- There are also rumors about a breach of the 2FA security mechanism, which would allow the hacker to keep the real owner of the account from resetting the password
This is the message the hacker posted on multiple Twitter accounts almost simultaneously:
Why were those Bitcoin Holders so Gullible?
As soon as the money started flowing into the hacker’s Bitcoin address, people started asking how Bitcoin holders could be so gullible. That is a great question.
Most holders, especially those who have been in the space for a while or really understand Bitcoin basics, wouldn’t have fallen for it. This indicates that the hacker managed to scam inexperienced users who probably bought into BTC without bothering to learn too much about it.
Without a doubt, it was an educational moment for everyone, even for those who don’t hold Bitcoin and don’t seem to have any contact with the cryptocurrency.
Some even suggested that the hacker did Bitcoin a great service. They spread the word about BTC far and wide, through accounts that have never touched the subject before.
Blaming inexperienced Bitcoin users, however, doesn’t really do justice to the degree of failure that the world witnessed on July 16, 2020.
The Hacker Exposed Twitter!
According to Jameson Lopp, a cyber-security specialist and long-time member of the Bitcoin community, the hacker exposed Twitter’s vulnerabilities.
Lopp asserted that “Someone appears to have root level access to Twitter.” This is certainly a breach for the history books:
The fact that such an important platform got hacked at this level exposes a variety of problems with:
- Centralized infrastructure
- The false sense of security that having a strong password on such a platform can create
- How useless 2FA systems can be
What’s Next for Twitter?
Jack Dorsey and his team have a lot of hard work ahead of them. They must work to find out how the hacker got access to so many Twitter accounts at once.
Then they must attempt to plug the hole in a centralized system that is, by default, incredibly flawed.
What About the Hacker?
In the meantime, Twitter users took to their favorite micro-blogging platform – Twitter, of course – to criticize:
- Those naïve Bitcoin holders that got scammed
- Twitter for the colossal security breach
- Bitcoin itself, for not preventing the attack or not rolling it back – yes, this also happened!
- The hacker, for stealing just over $100,000 USD in BTC instead of designing a complex attack that would involve shorting Tesla stock or shorting Bitcoin on exchanges and then using customized messages on certain accounts – like Binance – to induce panic selling.
The bottom line is this: The hacker got away with what they could pull off safely, without attracting the attention of the authorities.
They also exposed Twitter and taught the world a lesson in the advantages of Bitcoin, as well as the disadvantages of owning an asset you don’t know enough about. It was an incredible hack that resulted in a small heist!