You might think it would be obvious that this was a hack, but in total $100,000 in bitcoins were sent. That means there is an equal number of morons out there. I'm guessing they are the same people who think masks are a personal choice and that dinosaurs were on Noah's ark.
 
Some heads should roll and new internal processes should be put in place to prevent this in the future. But "wow. Just plain wow" is absolutely correct.
That scenario does presumably reveal security, sensible permission oversight.

1. Only the account owner should be able to modify an email address as it is a key form of notification. There isn't a good reason for anyone else, including a Twitter employee, to change this or a phone number.
2. Any account allowed to modify other accounts should also have automated restrictions:
A. Unusual login locations/devices should be verified (perhaps by a senior admin)
B. Only one or two modifications within an hour or some other reasonable period (attempting more should, again, alert a senior admin)
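The restrictions proposed in the post above, sketched as a check over an admin-tool audit log. This is an added example, not part of the original post and not Twitter's tooling; the log format, account names, device inventory and thresholds are all assumptions constructed for illustration.

```python
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Constructed sample log (not real data):
# timestamp, staff account, device id, action, target account
SAMPLE_LOG = """\
2020-07-15T19:00:05 staff_a laptop-17 change_email user_101
2020-07-15T19:04:40 staff_a laptop-17 change_email user_102
2020-07-15T19:09:12 staff_a laptop-17 change_email user_103
2020-07-15T19:30:00 staff_b laptop-22 reset_2fa user_200
2020-07-15T20:45:00 staff_b vm-unknown change_email user_201
2020-07-15T21:10:00 staff_a laptop-17 change_email user_104
"""

# Assumed inventory of devices each staff account normally uses.
KNOWN_DEVICES = {"staff_a": {"laptop-17"}, "staff_b": {"laptop-22"}}
MAX_CHANGES = 2               # "one or two modifications"
WINDOW = timedelta(hours=1)   # "within an hour"


def review(log_text, known_devices=KNOWN_DEVICES,
           max_changes=MAX_CHANGES, window=WINDOW):
    """Split requests into allowed ones and ones held for senior-admin review."""
    recent = defaultdict(deque)   # staff -> times of allowed changes in window
    allowed, held = [], []
    for line in log_text.splitlines():
        if not line.strip():
            continue
        ts_raw, staff, device, action, target = line.split()
        ts = datetime.fromisoformat(ts_raw)
        q = recent[staff]
        while q and ts - q[0] >= window:      # drop changes older than window
            q.popleft()
        if device not in known_devices.get(staff, set()):
            held.append((ts_raw, staff, target, "unrecognized device"))
        elif len(q) >= max_changes:
            held.append((ts_raw, staff, target, "rate limit exceeded"))
        else:
            q.append(ts)
            allowed.append((ts_raw, staff, target))
    return allowed, held


if __name__ == "__main__":
    ok, escalated = review(SAMPLE_LOG)
    for entry in escalated:
        print("HOLD for senior admin:", entry)
```

Held requests do not count toward the hourly budget, so a blocked burst cannot lock the account out of later legitimate changes.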
 
Did someone here actually fall into the trap?
There's just above $100k worth of BTC in that account so I'd say some people did. I wonder how much he paid to get access and if that was worth it... $100k doesn't seem like much considering the circumstances and someone losing his job because of it.
It's not a scam, it's an IQ test where the test taker sets their own fee.
You might think it would be obvious that this was a hack, but in total $100,000 in bitcoins were sent. That means there is an equal number of morons out there. I'm guessing they are the same people who think masks are a personal choice and that dinosaurs were on Noah's ark.
You have to wonder though how those who would potentially fall for something like this would actually also be those who even know what bitcoin is, let alone to use it and actually have access to some.
 
What I gathered from your original post was that you were suggesting that Twitter should implement an algorithm that detects tweets such as these, not the exact one in question per se. Yes they could simply delete any tweet containing this specific bitcoin address. I don't think it would make sense to delete all tweets which contain any bitcoin address though. There are legitimate causes that accept bitcoin.
actually, turns out they just implemented it
 
inside job rogue employees
I find it very ironic that people think Covid 19 and masks are a hoax and this obvious scam is the real deal...
 
You might think it would be obvious that this was a hack, but in total $100,000 in bitcoins were sent. That means there is an equal number of morons out there. I'm guessing they are the same people who think masks are a personal choice and that dinosaurs were on Noah's ark.

Seriously... the CDC said that 100% of the donations to the bitcoin address were from mask wearers. They then adjusted the values to 94%. Only 6% of non mask wearers made the donations. Crazy bunch!
 
So after eight pages of people patting themselves on the back talking about hackers, hack this way, hack that way, the entire scam was an inside job by a ****ter employee who did it for $2,000. I called it an inside job yesterday and a day later it turns out true.

All they found of him was a mask he left.

 
So after eight pages of people patting themselves on the back talking about hackers, hack this way, hack that way, the entire scam was an inside job by a ****ter employee who did it for $2,000. I called it an inside job yesterday and a day later it turns out true.

All they found of him was a mask he left.

You didn’t call it an inside job on here that I can see. Are you wanting a gold star or something for guessing correctly?
 
You didn’t call it an inside job on here that I can see. Are you wanting a gold star or something for guessing correctly?

No, I was not here yesterday. I called it yesterday on another website. Entertaining how people here didn't have much of an idea on how so many accounts were being compromised not hacked by an inside job.

The ****ter employee gave it up and also revealed in their tool panel how ****ter has created blacklist censorship tools. They won't comment about them even as they publicly claimed they don't censor people.

This is getting better and better.
 


Apple's Twitter account has been breached by bitcoin scammers who have also hacked the Twitter accounts of Tesla CEO Elon Musk, Amazon CEO Jeff Bezos, Microsoft CEO Bill Gates, and more.


Apple users should be careful not to believe the fake tweet, which is a scam to collect bitcoin. Twitter has been deleting the fake tweets, but the scammers who have breached the accounts have been repeatedly posting them.

The tweet that was posted on the Apple Twitter account has since been deleted. Given the number of high profile accounts that have been breached, the hack may have originated from a Twitter security vulnerability.

Apple does not actually use its official Apple Twitter account on the platform, reserving it for sending out reminders ahead of events and advertisements.

Update: Twitter says that it's looking into the security breach and will provide an update after implementing a fix.



Update 2: Twitter appears to have disabled all tweets from verified accounts, so no one with a verified account is able to tweet at this time.



Update 3: Most verified Twitter accounts are now once again able to tweet. Twitter is still working on fully fixing the issue.



Article Link: Apple's Twitter Account Hacked by Bitcoin Scammers

Sounds more like social engineering than actual hacking.
 
Scams by their very nature target the gullible, ill-informed or desperate. They don’t expect or need the majority of people to fall for it. It’s only ever a small minority that do.
Someone hasn’t seen The Music Man.
 
Well deserved, these social sites only contribute trash to mankind.

Someone said that 'Facebook is a cesspool'. I couldn't agree more. I finally got over the feeling that I would be missing something, and dropped FB. I sure am missing a lot. All the petty BS... Oh, and the stalking. (I actually found an old girlfriend on FB, totally by accident. I wished her well, and blocked her)
 
Read Twitter’s update on the huge hack — 8 accounts may have had private messages stolen

Even if it was:
Twitter previously confirmed that its own internal employee tools were used to facilitate the account takeovers, and suspected that its employees had fallen for a social engineering scam — now, the company is going further to say definitively that the attackers “successfully manipulated a small number of employees and used their credentials to access Twitter’s internal systems, including getting through our two-factor protections.”
The employee account restrictions I mentioned earlier would have caught the activity sooner and at least slowed things down. Companies don’t seem to realize how dangerously unpredictable and destructive the human factor can be at any/every level.
 
IDK... this doesn't necessarily seem like anything harder than a script kiddie could figure out. Learn the login of somebody at Twitter, log into their account at AWS, then find the admin scripts. Use admin scripts to tweet as the 1000 accounts with the most followers.

To a kid who hasn't worked, this could certainly seem like a huge amount of money that they've brought in.

What better idea do you have for how to make money you've broken in?
A Florida teenager, who is accused of being the "mastermind" behind the July hacking of social media site Twitter, has been arrested

@ArtOfWarfare called it! Kiddies to blame! You win the internet today!
 