
Topic: [scam] Twitter hacked and Cryptoforhealth (Read 418 times)

hero member
Activity: 1484
Merit: 624
Maintain Social Distance, Stay safe.
July 31, 2020, 11:00:16 AM
#37
If you look at Twitter's HackerOne bounty payout category, then for OAuth vulnerabilities they are paying 7k USD, but in the hacking case, the guy was able to take more than 100k$.

While a hacker is able to scam 100k$, 7k$ is worthless. But the hacking fund is a scam and the fund of the bounty is real. Yet Twitter should increase the bounty amount so that hackers do not take funds from the public, and Twitter can get their issue and solve their issue.
member
Activity: 192
Merit: 72
Security
That was evident.
If you look at Twitter's HackerOne bounty payout category, then for OAuth vulnerabilities they are paying 7k USD, but in the hacking case, the guy was able to take more than 100k$.

It is a shame that Twitter has these policies; recently Apple announced 100k USD to a guy who found a similar OAuth vulnerability in the iPhone app.

Policies of Twitter need to be rethought.





hero member
Activity: 1484
Merit: 624
Maintain Social Distance, Stay safe.


It is interesting that hackers used Chipmixer and Wasabi wallet to wash coins. They also used several exchanges and gambling websites.
You can see full report made by CipherTrace:
https://ciphertrace.com/twitter-hack-update-scammed-funds-traced-to-exchanges-and-mixing-services/

It is good that they have traced where the funds were sent. But it is still far from reaching the scammer. It will be very pleasant if they can trace the scammer and give the appropriate punishment.
legendary
Activity: 2086
Merit: 1282
Logo Designer ⛨ BSFL Division1


It is interesting that hackers used Chipmixer and Wasabi wallet to wash coins. They also used several exchanges and gambling websites.
You can see full report made by CipherTrace:
https://ciphertrace.com/twitter-hack-update-scammed-funds-traced-to-exchanges-and-mixing-services/
legendary
Activity: 3178
Merit: 1140
#SWGT CERTIK Audited
I read the problem is internal it has nothing to do with the users, it's the fault of some of their employers that twitter was hacked, if these things happen again it's more likely that people will stop using twitter, or they will support an alternative
Apparently the hackers used some employees to access the system without their knowledge. I read twitter gonna make them attend lessons to avoid such mistakes in the future.

imagine what will happen if Trump account is hacked, there could be chaos.
Twump message gonna be send meh 0.5 bitcoin if you want me to stay or 1 bitcoin if you wanna me to quit. Most transactions with the said amount will determine my later action! You have 1 hour.
Now a Twitter like that gonna be so attractive
A little bit serious: hackers didn't hack him either because they are afraid of the consequences or else... conspiracy theory related to Hillary email scenario?
hero member
Activity: 3136
Merit: 579
People should not blindly trust whatever they see on Twitter or read and listen on news.
They should use their brain and thinking power before doing anything or sending btc to any address.
Twitter now disabled posting of bitcoin addresses in tweets, but people found out that QR image codes are still allowed.
This is not the way to solve this situation.

I read the problem is internal it has nothing to do with the users, it's the fault of some of their employers that twitter was hacked, if these things happen again it's more likely that people will stop using twitter, or they will support an alternative, imagine what will happen if Trump account is hacked, there could be chaos.
hero member
Activity: 2660
Merit: 551

I mean that such big celebs tweeting about crypto and saying double your investment is not something that can be believed as it screams SCAM. Exchanges tweeting about it still makes sense but not Bill Gates.

Obviously, there are naive (greedy) people who still fall for such tricks. You know how they say, "There's a sucker born every minute". 
Many people from different continents fell for this scam unfortunately and a big amount was sent to the scammers. But apparently the hackers' return is not only this old trick, they also hacked rare accounts with special short numbers and sold them, in addition to downloading famous people's data. They will analyse it and maybe start extorting them too...

And that is the more dangerous part of this, the data (sensitive or not) that the hackers were able to get hold of during this breach. Especially since high profile names are involved, like ex-Presidents or those billionaires, and this is the most scary part of it. Money is just around $120k, manageable to say the least and many people fell for it, but the hackers could really get $$$ millions but he didn't maybe because his real intention is to scoop more damaging data from those people.
legendary
Activity: 3178
Merit: 1140
#SWGT CERTIK Audited

I mean that such big celebs tweeting about crypto and saying double your investment is not something that can be believed as it screams SCAM. Exchanges tweeting about it still makes sense but not Bill Gates.

Obviously, there are naive (greedy) people who still fall for such tricks. You know how they say, "There's a sucker born every minute". 
Many people from different continents fell for this scam unfortunately and a big amount was sent to the scammers. But apparently the hackers' return is not only this old trick, they also hacked rare accounts with special short numbers and sold them, in addition to downloading famous people's data. They will analyse it and maybe start extorting them too...
legendary
Activity: 1820
Merit: 2700
Crypto Swap Exchange

I mean that such big celebs tweeting about crypto and saying double your investment is not something that can be believed as it screams SCAM. Exchanges tweeting about it still makes sense but not Bill Gates.

Obviously, there are naive (greedy) people who still fall for such tricks. You know how they say, "There's a sucker born every minute". 
legendary
Activity: 2632
Merit: 1094
Twitter posted about it saying it was a coordinated SE attack but wonder why the hacker posted from these celeb's accounts. It was so obvious that it was a scam attempt but Twitter also proved to be so vulnerable.

What do you mean by 'why the hacker posted from these celeb's accounts'? He first started with accounts from crypto exchanges and prominent people from the crypto world. After that, he continued with the accounts of celebrities with a large number of followers. I guess he didn’t know how long he would be able to sustain the scam so he first used the accounts to reach out to the largest number of potential victims.


I mean that such big celebs tweeting about crypto and saying double your investment is not something that can be believed as it screams SCAM. Exchanges tweeting about it still makes sense but not Bill Gates.
legendary
Activity: 3178
Merit: 1140
#SWGT CERTIK Audited
Hackers are sending coins to several exchanges and they have history in Bitmex and Coinbase
Source with more information:
https://pastebin.com/xWA14Hrz

In total there are 12 identified addresses:

https://www.elliptic.co/our-thinking/insights-from-elliptic-twitterhack-and-bitcoin-money-laundering
Thanks was searching for something like this.
400 payments = $121,000 collected coming mainly from Asia (1/2) and North America (1/4)...
Funds moved from 3 addresses to 12 addresses + exchanges...
The good thing is the real time monitoring of the situation!
legendary
Activity: 2086
Merit: 1282
Logo Designer ⛨ BSFL Division1
Hackers are sending coins to several exchanges and they have history in Bitmex and Coinbase
Source with more information:
https://pastebin.com/xWA14Hrz

In total there are 12 identified addresses:


https://www.elliptic.co/our-thinking/insights-from-elliptic-twitterhack-and-bitcoin-money-laundering
sr. member
Activity: 1498
Merit: 326
20BET - Premium Casino & Sportsbook
I am just surprised about this big scam and trying to imagine if they sell BTC all the Crypto market will be crashed.
Is there any way to get them back from scammers? Or to lock them so that they can't make market spoiled?
Probably not a chance until they catch them barehanded. But with the decentralized manner of bitcoin how can you track the owner or even know his identity? Locking those bitcoin is impossible since no one has control over it. Maybe if it was tether they can since they managed to do this on some address last few weeks issue. This proves how decentralized bitcoin is, a perfect gauge for scammers cause they know they can't be hunted easily.

The only way victims can get it back is if Twitter compensates them for this incident. Well for the loss bitcoin called it donation already.
member
Activity: 362
Merit: 12
I am just surprised about this big scam and trying to imagine if they sell BTC all the Crypto market will be crashed.
Is there any way to get them back from scammers? Or to lock them so that they can't make market spoiled?
legendary
Activity: 1568
Merit: 6660
bitcoincleanup.com / bitmixlist.org
Twitter now disabled posting of bitcoin addresses in tweets, but people found out that QR image codes are still allowed.

To be honest, how many people are going to take out their phones and scan a QR code they see on twitter? Not to mention that images on twitter are usually cropped unless you click on them.
legendary
Activity: 3178
Merit: 1140
#SWGT CERTIK Audited
That's horrible and more serious than I imagined. (Is Trump partnered also with scamforhealth too? Out of curiosity)
Is anyone here collecting the scammy addresses, finding it which Wallet is being used...?
jr. member
Activity: 53
Merit: 23
Well done for the Twitter employees who are also hackers. This finally proves that Twitter is not trusted to share their privacy with them.

Tell me he's a Twitter employee? do you know that most hacks or embezzlement are carried out by a member of the team?

Even the bitcoin blockchain network has not yet been hacked at 54%.
Twitter the network 100% hacked.
legendary
Activity: 2086
Merit: 1282
Logo Designer ⛨ BSFL Division1
People should not blindly trust whatever they see on Twitter or read and listen on news.
They should use their brain and thinking power before doing anything or sending btc to any address.
Twitter now disabled posting of bitcoin addresses in tweets, but people found out that QR image codes are still allowed.
This is not the way to solve this situation.
legendary
Activity: 2268
Merit: 1379
Fully Regulated Crypto Casino
I think we won't see any rectifying on behalf of Twitter in this situation, I would be happy if I'm wrong though.
I do hope they would, massive bitcoin were stolen in an instant due to Twitter's irresponsibility. Yeah maybe it's not wise to fall for this kind of giveaway but like others said here it was started on their own platform giving the choice to victim a dead end.

Nothing helps when you have insider job hack, but there must be some kind of protection that is working as Trump was not hacked yet
Someone could have abused this to cause much more harm in the world.
Maybe they know they will end up in jail directly if they messed up on a jaguar like Trump. So they won't even try it.
legendary
Activity: 2328
Merit: 1292
Encrypted Money, Baby!
This is the biggest Twitter hack till date. I want to believe that verified accounts have extra security - say 2FA, Auth etc prior to the hack. So it means the cause of the hack isn't from the user's side but Twitter.  Since those accounts were all verified accounts, it only means that the hack was targeted at only verified accounts with huge amount of followers. What's interesting about the entire saga is the fact that they only targeted well known accounts.

Twitter has been the de-facto platform for people to engage on a professional level, this hack leaves a lot of questions on how secured the platform is.
I wouldn't call what's going on on Twitter "professional" but you're right in one point: the source of this was Twitter. But it was not a hack, it was – as pointed out above – a social engineering attack on one of their gullible employees who just had access to the admin panel.

Someone likely (I'm assuming) scooped the passwords (maybe when the employee logged in?), logged himself into the admin panel and started posting in the names of other high profile accounts. Nothing got hacked.