Binance, Tron, Kucoin Among Crypto Platforms With Hacked Twitter Accounts
The Twitter accounts of top cryptocurrency exchange platforms have reportedly been hacked. Twitter accounts for Binance, Tron, Kucoin, Gemini and Coinbase are among those reported breached thus fueling suggestions that a key weakness or flaw in the microblogging site’s API may have been discovered and is being manipulated.
While it seems not a big deal for the crypto platforms on the surface aside from the misinformation that would be scattered – it is an issue for Twitter though – these accounts’ use as a way to peddle false free crypto giveaways has seen some falling for it.
A wallet from the hacker(s) has reportedly seen at least several people sent payment into it with about 5 BTC already received so far as at the time of this writing. One of the purported hundreds, if not thousands, of messages is from Ripple asking its followers to send 1,000 Ripple to its Covid-19 Fund in return for getting 2,000 Ripple. Others include tweets supposedly from popular American artist, Kanye west, phone company Apple, and Tesla’s Elon Musk whose fake tweet seems to see more success going by the multiple transactions that started going to the wallet after it got posted.
It seems like the hackers got access to "Twitter Panel", which is basically hacking one of the Twitter admins/employees. This gives direct admin access to accounts and allows individuals to chance e-mail & password.
— wolf (@ImNotTheWolf) July 15, 2020
The series of attacks have been likened to one that could have been caused by the work from home arrangements that have permeated many corporate organizations of late following measures introduced by businesses to sustain their operations despite a restriction on movements. The view is that one of Twitter’s home-based employees could have had their internet connection hacked, leading to many accounts being compromised through the individual and not the API – as it is not possible to change email addresses and passwords like the hacker(s) were doing through APIs
Since email addresses and phone numbers had to be reset, others think access to the Twitter accounts were done through SIM swap fraud which is common in the U.S.
Either way, this major Twitter hack relating to cryptocurrency-related accounts has seen messages of caution spread across the space including warnings not to click web links appear on the Twitter pages of the affected platforms.
The sweeping coincidence of how the attacks are carried out to take over top crypto-related Twitter accounts and using them to pin fraudulent messages on their profiles is of major interest. The scale of the attack is quite high as the hacker(s) seem to have gained access to all accounts on the Twitter platform.
LMAO Binance’s twitter just got hacked https://t.co/xEixiOZHS0
— Larry Cermak (@lawmaster) July 15, 2020
Note: twitter account emails are getting changed. To my knowledge no 3rd party Twitter app can do that. So… https://t.co/29x4QZI3kY
— Paolo Ardoino (@paoloardoino) July 15, 2020
The attacks may not look planned and it may not be understood how an employee could reach clients’ keys or dashboard (if an employee caused the attack), it should be noted that what would become of the personal details that got released on Twitter may also not be known.
The aftermath of these attacks may see Twitter respond with new measures to safeguard users’ personal information. However, aside from helping those who sent BTC to the hacker(s) expecting something in return to have gained some knowledge, this situation which is bad for Twitter could be probably bad for Bitcoin too. From the unpleasant media attention, to the top cryptocurrency being associated with negativity due to misconception, social media sites like Facebook and Google may be motivated to ban all crypto-related activities on their platforms.