This is the biggest Twitter hack till date. I want to believe that verified accounts have extra security - say 2FA, Auth etc prior to the hack. So it means the cause of the hack isn't from the user's side but Twitter. Since those accounts were all verified accounts, it only means that the hack was targeted at only verified accounts with huge amount of followers. What's interesting about the entire saga is the fact that they only targeted well known accounts.
Twitter has been the de-facto platform for people to engage on a professional level, this hack leaves a lot of questions on how secured the platform is.
Topic: [scam] Twitter hacked and Cryptoforhealth - page 2. (Read 418 times)
we can have a lot of analyzes, some of which are illogical such that they did not have time to prepare a better scam, they could ignite a third world war.
logical behavior is that they want to embarrass Twitter and prove that it is weak, after the last comment on Trump's tweets, and they also want to promote bitcoin.
If they return bitcoin to their owners, they will prove this analysis.
It is the best promotion for bitcoin has happened before.
that was must happen from exchanges. hacker was using site then used addresses
logical behavior is that they want to embarrass Twitter and prove that it is weak, after the last comment on Trump's tweets, and they also want to promote bitcoin.
If they return bitcoin to their owners, they will prove this analysis.
It is the best promotion for bitcoin has happened before.
that was must happen from exchanges. hacker was using site then used addresses
Twitter posted about it saying it was a coordinated SE attack but wonder why the hacker posted from these celeb's accounts. It was so obvious that it was a scam attempt but Twitter also proved to be so vulnerable.
What do you mean by 'why the hacker posted from these celeb's accounts'? He first started with accounts from crypto exchanges and prominent people from the crypto world. After that, he continued with the accounts of celebrities with a large number of followers. I guess he didn’t know how long he would be able to sustain the scam so he first used the accounts to reach out to the largest number of potential victims.
Twitter posted about it saying it was a coordinated SE attack but wonder why the hacker posted from these celeb's accounts. It was so obvious that it was a scam attempt but Twitter also proved to be so vulnerable.
It seems that 2FA is not helpful when it comes to insider attacks.
Nothing helps when you have insider job hack, but there must be some kind of protection that is working as Trump was not hacked yet 
Someone could abused this to cause much more harm in the world.
Looks like the hacker didn't have much time to prepare this scam. He used the simplest method and tried to make maximum profit. But the truth is, with enough planning this could have been a lot worse.
Combine human stupidity with fear and the sky is the limit!
It seems that 2FA is not helpful when it comes to insider attacks.
Nothing helps when you have insider job hack, but there must be some kind of protection that is working as Trump was not hacked yet Someone could abused this to cause much more harm in the world.
What can you do to protect yourself?
- Add more security and 2FA to your twitter account
- Log out all other sessions
- Revoke access for all 3rd party apps
It seems that 2FA is not helpful when it comes to insider attacks.
According to Chainalysis, scammers posted at least three btc addresses and one xrp address. Almost all funds came from different centralized exchanges, the largest donation of 40k $ was sent from Japanese exchange. Check full thread for more information https://twitter.com/chainalysis/status/1283576349630836737
Centralized exchanges started censoring those addresses used by twitter scammers.
This particular case clearly shows us a distinction between centralized services like Twitter and decentralized systems like Bitcoin. In Bitcoin, it is not possible to convince or bribe someone to help hacking Bitcoin. It is just not possible, because there is no point of failure, no malicious employees selling admin tools. Hackers can use social engineering to steal bitcoins from individuals, but they cannot hack the very protocol and steal all bitcoins.
Source: https://www.vice.com/amp/en_us/article/jgxd3d/twitter-insider-access-panel-account-hacks-biden-uber-bezos
Quote
A Twitter insider was responsible for a wave of high profile account takeovers on Wednesday, according to leaked screenshots obtained by Motherboard and two sources who took over accounts.
Source: https://www.vice.com/amp/en_us/article/jgxd3d/twitter-insider-access-panel-account-hacks-biden-uber-bezos
Another point for decentralization.
Social hacking is and was the most reliable way to hack big systems or corporations and that won't change. Human is always the weakest link in any system. Some are not careful enough and cause this kind of things, but even those that are extra careful always have something to lose and if you know what they cherish the most - they are hackable.
An investigator could start in which what could've been the common things that they have? Not just the literally they have millions of followers, some have crypto-related content or anything. I thought of these things below.
Maybe to that extent, but oh boy, it's a big tarnish towards the Twitter name.
- What third-party companies/software they have been using in common
- The API tokens of twitter have been compromised?
- Are the timestamp on the tweets similar?
Maybe to that extent, but oh boy, it's a big tarnish towards the Twitter name.
Twitter is at fault here and should rectify for those who victimized by sending bitcoins to the scammer wallet.
They are definitely part of the reason why the scam had started in the first place. I think they need to up their game on their servers and be more secure with how accounts can get access. I think there are more reasons for how they could've accessed it.
This particular case clearly shows us a distinction between centralized services like Twitter and decentralized systems like Bitcoin. In Bitcoin, it is not possible to convince or bribe someone to help hacking Bitcoin. It is just not possible, because there is no point of failure, no malicious employees selling admin tools. Hackers can use social engineering to steal bitcoins from individuals, but they cannot hack the very protocol and steal all bitcoins.
Source: https://www.vice.com/amp/en_us/article/jgxd3d/twitter-insider-access-panel-account-hacks-biden-uber-bezos
Quote
A Twitter insider was responsible for a wave of high profile account takeovers on Wednesday, according to leaked screenshots obtained by Motherboard and two sources who took over accounts.
Source: https://www.vice.com/amp/en_us/article/jgxd3d/twitter-insider-access-panel-account-hacks-biden-uber-bezos
Oh boy! I saw this Tweet and this address has 35k btc which according to the tweet also belong to the scammer who did this twitter incident.
These guys knows well how to do it and when. Imagine how many people got fooled by using authentic accounts of known people including previous President Obama. I believe this is a group who operates at large scam scale attempt. How could they amass 35k btc that worth $300 million? This will affect the crypto industry, no matter where we viewed it.
Twitter is at fault here and should rectify for those who victimized by sending bitcoins to the scammer wallet.
Code:
1A5PFH8NdhLy1raKXKxFoqUgMAPUaqivqp
These guys knows well how to do it and when. Imagine how many people got fooled by using authentic accounts of known people including previous President Obama. I believe this is a group who operates at large scam scale attempt. How could they amass 35k btc that worth $300 million? This will affect the crypto industry, no matter where we viewed it.
Twitter is at fault here and should rectify for those who victimized by sending bitcoins to the scammer wallet.
I think we won't see any rectifying on behalf of Twitter in this situation, I would be happy if I'm wrong though. I think there are more wallets involved in this scam and that numbers will be even bigger in coming days as more info is unveiled.
I saw at least 3 wallets exposed and tied to scammers so far and most likely more will be coming.
Oh boy! I saw this Tweet and this address has 35k btc which according to the tweet also belong to the scammer who did this twitter incident.
These guys knows well how to do it and when. Imagine how many people got fooled by using authentic accounts of known people including previous President Obama. I believe this is a group who operates at large scam scale attempt. How could they amass 35k btc that worth $300 million? This will affect the crypto industry, no matter where we viewed it.
Twitter is at fault here and should rectify for those who victimized by sending bitcoins to the scammer wallet.
Code:
1A5PFH8NdhLy1raKXKxFoqUgMAPUaqivqp
These guys knows well how to do it and when. Imagine how many people got fooled by using authentic accounts of known people including previous President Obama. I believe this is a group who operates at large scam scale attempt. How could they amass 35k btc that worth $300 million? This will affect the crypto industry, no matter where we viewed it.
Twitter is at fault here and should rectify for those who victimized by sending bitcoins to the scammer wallet.
Twitter accounts of crypto exchanges and influencers are being hacked across board, Hackers are asking for donations and have already made 0.18 BTC. Affected accounts include Binance, CoinDesk, Coinbase, Gemini, CZ_Binance, Kucoin, Justin Sun, Charlie Lee and more. Do not click on any link on Twitter and please report all affected accounts as hacked! Take note: All Tweet are NOT #SAFU
Glad that it's archived immediately after the scam announcement but there are some casualties but could be coming from scammers funds so they can enticed people to invest, people nowadays should do a lot of research and asking about the veracity of every announcement that's coming, we can never really tell if all of these are real.
Twitter API compromised and big Twitter accounts posting about cryptoforhealth.com scam
Real accounts posting and retweet random giveaways
So cryptoforhealth.com is undoubtedly a scam site. I have also been informed it via coinbase. For this scam by twitter API, wont twitter face court to give the retention to those people/company who losses fund for this scam. I think twitter should have take the liability as they approved the API. They should approve only those API which is not harmful. Real accounts posting and retweet random giveaways
Many more hacked and this scam went crazy on Twitter!!!
- Mr Beast
- Elon Musk
- Bill Gates
- Kanye West
- Floyd Mayweather
- Apple
- Jason Elia
- Obama
- xxxTentacion
- vrunt
- LuckyovLegends
- Warren Buffet
- Mr Beast
- Elon Musk
- Bill Gates
- Kanye West
- Floyd Mayweather
- Apple
- Jason Elia
- Obama
- xxxTentacion
- vrunt
- LuckyovLegends
- Warren Buffet
What Happened: Twitter API compromised and big Twitter accounts posting about cryptoforhealth.com scam
Real accounts posting and retweet random giveaways
https://twitter.com/chainalysis/status/1283576349630836737
What can you do to protect yourself?
- Add more security and 2FA to your twitter account
- Log out all other sessions
- Revoke access for all 3rd party apps
Real accounts posting and retweet random giveaways
Code:
website: https://cryptoforhealth.com/
Archived: https://web.archive.org/web/20200715195113/https://cryptoforhealth.com/
twitter: https://twitter.com/binance
Archived: https://web.archive.org/web/20200715195958/https://twitter.com/binance
https://twitter.com/Bitcoin
https://web.archive.org/web/20200711164007/https://twitter.com/Bitcoin
Archived: https://web.archive.org/web/20200715195113/https://cryptoforhealth.com/
twitter: https://twitter.com/binance
Archived: https://web.archive.org/web/20200715195958/https://twitter.com/binance
https://twitter.com/Bitcoin
https://web.archive.org/web/20200711164007/https://twitter.com/Bitcoin
https://twitter.com/chainalysis/status/1283576349630836737
What can you do to protect yourself?
- Add more security and 2FA to your twitter account
- Log out all other sessions
- Revoke access for all 3rd party apps
Quote
Domain Name: cryptoforhealth.com
Registrar WHOIS Server: whois.namesilo.com
Registrar URL: https://www.namesilo.com/
Updated Date: 2020-07-15T07:00:00Z
Creation Date: 2020-07-15T07:00:00Z
Registrar Registration Expiration Date: 2021-07-15T07:00:00Z
Registrar: NameSilo, LLC
Registrar WHOIS Server: whois.namesilo.com
Registrar URL: https://www.namesilo.com/
Updated Date: 2020-07-15T07:00:00Z
Creation Date: 2020-07-15T07:00:00Z
Registrar Registration Expiration Date: 2021-07-15T07:00:00Z
Registrar: NameSilo, LLC
Jump to: