Don’t send bitcoin to celebrities… or to random people for that matter. This afternoon a number of high-profile Twitter accounts were taken over, including Joe Biden, Bill Gates, Elon Musk, Apple, Jeff Bezos, and Kanye West, and the event appears to be ongoing. Each displayed a message saying they wanted to “give back” by doubling any bitcoin sent to them. The messages all appear to use the same bitcoin wallet address.
This is reminiscent of the “Nigerian prince” scams, a form of advance-fee scam where an email asks for help with a small sum of money in order to obtain a larger sum. Those usually come in as spam emails which most people are wise to at this point. However, blindly following celebrities on Twitter may still deliver a good dose of naïveté when those platforms are misused.
Bitcoin transactions can be viewed publicly, and this wallet is showing 11.8 BTC in and 5.8 BTC out in a total of 288 transactions. The net is roughly 6 bitcoin or $55k USD at the time of writing. Twitter’s response appears to have been to lock all verified accounts out of publishing new tweets. Those accounts retain the ability to retweet and delete existing tweets.
55K is a nice payday. Somehow I’d imagined you could get more with the access they had although it was always going to be brief.
I wonder what a “better” way to use it would have been. It seems given the widespread takeover that Twitter was hacked (or access misused) and not the individual accounts?
If I was gonna guess, I’d say it’s something like post-creation header modification so it posts to the wrong account.
It’s a hole in 2FA
I saw an ad for this on youtube the other day and thought, this has to be a scam…
You could short Tesla and retweet something Musk said last year, no one would even notice a breach.
To my knowledge, around 2013 the Twitter account of the Associated Press was hacked and published an explosion in the White House (with an injured Barack Obama). For a short moment the stock market went down a lot. I guess that you could… never mind, I will not post ideas.
So the thing that broke was the thing meant to stop it happening again, derp…
https://www.seroundtable.com/twitter-whitehouse-ap-hack-16688.html
I think it would have been more successful if they claimed they would match or double any amount given to a “charity’s” bitcoin wallet, but maybe they’ve got morals and only want to rip off greedy people?
This has been happening on Youtube a lot recently, a channel:
* Is hacked
* The channel’s face is completely changed to the SpaceX theme
* The channel livestreams a recent SpaceX video conf with messages promising to multiply bitcoins sent
This goes on for a few hours until Youtube shuts it down. They don’t seem to have put anything in place to auto-detect this and shut it off automatically, which is a bit sad considering I’ve seen this several times in a week.
Few hours? On some channels it took a week to get YouTube to react.
This has been all over twitter for years, the only difference being that the scammers had look-alike accounts rather than having gained access to the real thing. If you are not familiar with this scam already, you haven’t been looking.
But frankly, if they said something in Elon Musk’s name, I would not be more suspicious that his account has been taken over than by some of the stuff that he has actually said and done of late. One of which had me calling him an ass. For all his achievements and the new kid he doesn’t seem like a very happy guy right now.
You mean there is no Nigerian prince? I have been waiting for him to unencumber his assets. I have been waiting since 1989. Even if he just gifts me in the interest. I will be laughing at all of you then. Laughing my ass right off.
What might be funny for these guys would be to use anonymous mailers and spam them with thousands of random numbers that look like bitcoin. I wonder if you could make weeding the wheat out of the chaff not worthwhile for them?
I recommend taking a look at this talk I wrote about from 2016 Shmoocon on Phishing for scammers:
https://hackaday.com/2016/01/16/shmoocon-2016-phishing-for-the-phishers/
I think the video of the talk is on Internet Archive:
https://archive.org/details/Where_Do_The_Phishers_Live
Sadly, they are watching for transactions in the bitcoin network, not email, so the network itself filters junk from real bitcoin – basically, bitcoin doesn’t happen over anything you can mail.
Hah, I was just about to type this up. Mike is on top of his game today.
It looks like the method of compromise is a way to change the email account on record for a given account. The attacker changes it to one they control, then does a password reset. Possibly related to the new API in testing.
Hah, it looks like Twitter has blocked all tweets from verified users for the time being. They can retweet, but don’t seem to be able to tweet at the moment.
Not the worst fix. They could have taken down the entire platform.
The real question, did they have that button already coded up, and under a “break in case of emergency” glass?
No no, that would be silly. Broken glass is sharp and could cut some one! The button is right out in the center of the reception area, circled with goose down pillows and the reanimated bodies of several zombie cranes.
Here one does have to ask the question.
Would it have been more profitable to just go to Twitter and inform them of the problem and ask for payment in return?
After all, currently whoever is responsible for this obvious hack is likely going to face rather large fines and/or jail time. While if they informed Twitter of it then they would not face any legal ramifications. (unless they live in Mexico, since there it is currently illegal regardless….)
Yeah, more like a common criminal than a hacker. They probably bought the D0 on the dark web.
I was going through a stressful time and actually fell for this scam on Elon’s Twitter account to the tune of ~ $5K. The BTC ended up somewhere in the Ukraine. I reported it to IC3.gov where I’m sure someone got a good laugh…if even that. Pretty damn embarrassing!
Musk is the only believable one, those other globalists would never use Bitcoin.
I wouldn’t have believed it from Musk’s account, he’s mildly enthusiastic about bitcoin but owns very little. He also may have been having personal liquidity problems of late (needing to buy up all his low priced share options)
Not a bitcoin user, but I just took a look at the transaction log and saw something weird at 2020-07-15 23:42: a series of transactions
1JustReadALL1111111111111114ptkoK 0.00000666 BTC
1TransactionoutputsAsTexta13AtQyk 0.00000667 BTC
1YouTakeRiskWhenUseBitcoin11cGozM 0.00000668 BTC
1forYourTwitterGame111111112XNLpa 0.00000669 BTC
1BitcoinisTraceabLe1111111ZvyqNWW 0.00000670 BTC
1WhyNotMonero777777777777a14A99D8 0.00000671 BTC
bc1qxy2kgdygjrsqtzq2n0yrf2493p83kkfjhx0wlh 0.00001337 BTC
bc1qwr30ddc04zqp878c0evdrqfx564mmf0dy2w39l 0.00001337 BTC
I didn’t know that messages could be encoded in the transaction.
https://en.bitcoin.it/wiki/Vanitygen
Yes, but there’s some really long strings there, so I’m thinking those private keys are unknown and they will just expect the payments to bounce as undeliverable.
You gotta be a bit sociopathic though to invite criminals to your favorite coin.
It won’t bounce, they just won’t have access to the bitcoin.
It’s known as a “bitcoin eater address”, here’s another example of one: https://www.blockchain.com/btc/address/1BitcoinEaterAddressDontSendf59kuE
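Why a payment to such an address is accepted rather than bounced, shown as an added example (not part of the original article or comments): an address only has to carry a valid Base58Check checksum, and anyone can compute one over payload bytes chosen for their text, with no key behind them. The helper names `parse_p2pkh` and `text_address` are hypothetical, and only legacy `1…` addresses are handled, not `bc1…` ones.

```python
import hashlib

ALPHABET = "123456789ABCDEFGHJKLMNPQRSTUVWXYZabcdefghijkmnopqrstuvwxyz"

def checksum(payload: bytes) -> bytes:
    """First 4 bytes of double SHA-256, as used by Base58Check."""
    return hashlib.sha256(hashlib.sha256(payload).digest()).digest()[:4]

def b58decode(text: str) -> bytes:
    n = 0
    for ch in text:
        n = n * 58 + ALPHABET.index(ch)        # ValueError for 0, O, I, l, ...
    zeros = len(text) - len(text.lstrip("1"))  # each leading '1' is a 0x00 byte
    return b"\x00" * zeros + n.to_bytes((n.bit_length() + 7) // 8, "big")

def b58encode(raw: bytes) -> str:
    n, out = int.from_bytes(raw, "big"), ""
    while n:
        n, rem = divmod(n, 58)
        out = ALPHABET[rem] + out
    zeros = len(raw) - len(raw.lstrip(b"\x00"))
    return "1" * zeros + out

def parse_p2pkh(address: str):
    """Return the 20-byte hash160 of a valid mainnet P2PKH address, else None."""
    try:
        raw = b58decode(address)
    except ValueError:
        return None
    # Layout: 1 version byte (0x00) + 20-byte hash160 + 4-byte checksum.
    if len(raw) != 25 or raw[0] != 0x00 or checksum(raw[:21]) != raw[21:]:
        return None
    return raw[1:21]

def text_address(template: str) -> str:
    """Keep the 21 payload bytes a readable template decodes to and append
    the correct checksum. The hash160 is picked from text, not derived from
    a public key, so nobody is known to hold a key that can spend from it."""
    raw = b58decode(template)
    if len(raw) != 25:
        raise ValueError("template must decode to 25 bytes")
    return b58encode(raw[:21] + checksum(raw[:21]))

if __name__ == "__main__":
    eater = "1BitcoinEaterAddressDontSendf59kuE"  # address linked in the thread
    print("hash160:", parse_p2pkh(eater).hex())
    # Constructed template: the X filler is replaced by a valid checksum tail.
    print(text_address("1BitcoinEaterAddressDontSendXXXXXX"))
```

Only the last few characters change when the checksum is filled in, which is why these addresses end in a short random-looking tail after the readable text.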
This isn’t new, goes back centuries, check this out.
https://www.startribune.com/feb-13-1910-spanish-fraud-letters-flood-state/84354257/
Probably goes back to the cavemen though, technology changes, gullibility is eternal.
If leave deer for moon god Shi-Nee-Sky-Ting on rock near big oak, then he reward you with mammoth in 5 suns.
🤣
5 MAMMOTH!!! Me no can say no!
All this power and they used it on a lame Bitcoin scam? They could have started a war!
I’m a bit embarrassed to say that I almost fell for something like this recently. A livestream of a SpaceX conference with Elon Musk popped up and had a BTC address on it promising a double of returns. I didn’t quite have enough coin in my wallet. I went to a friend to borrow a little, and he said with good skepticism “And you’re 100% sure this isn’t a scam?” to which I replied “I am not 100% sure.” and then I thought about it:
And suddenly I was like “Of course this is a scam – how is it that I thought it wasn’t?”
And this one kids is why you should play more video games. Any seasoned EVE Online player would know you never send money to Jita local ‘double your isk’ scammers.
You should play more video games because their worlds are worse than this one? Eugh.
Could make sense. Prepares you for this harsh reality in a way, that does not hurt you in real life.
(unless you play so much, that you do not have a real life anymore …)
Yeah, I saw this more than a month ago, maybe it was on the Elon Musk twitter account, if not it was on some either official or non-official site linked with Musk somehow – maybe it was on Teslarati, I don’t remember. One thing is certain, the scam has been out there a while. The news here is that it has infected Twitter to the point where it’s getting attention by the otherwise anti-right obsessed censor-bots on Twitter. Anyway, with shields up at maximum I jumped through a VPN tunnel and checked it out. You’d have to be a complete idiot to fall for this scam; and even if you did fall for it the entry price was around $1K (~0.1BTC) of crypto-currency, which is way too high for anyone sensible to risk. I de-linked and chuckled. I didn’t even consider raising a warning flag, the scam was just so obvious I didn’t think it was worth worrying about. And even if you did fall into the trap, then good – survival of the fittest.
Oh Well, as they say: “A fool and his money are soon parted”
But how did the fool get their money in the first place?
Mostly, just born into it.
This will affect the rate at which people use bitcoin for a business transaction
The scam here is that the BTC wallet address is wrong! Get in touch with me if you want to have the REAL one!
Hold on to my wallet!
5 Fast Lessons for the Clueless:
1) If it sounds too good to be true, it usually is…
2) Rich people don’t get rich by giving away their money to antisocial media dopes.
3) Casinos don’t keep the lights on by paying out money to winners.
4) Bitcoin has always been nothing but a scam.
5) Delete your antisocial media accounts- they are toxic to you and society as a whole.
6) The only way to win in a lottery is to organize it.
Teslacles deviant: your chances of winning a lottery are almost exactly the same whether you buy a ticket or not, so don’t buy a ticket.
The NYTimes had a graphic showing what followers donated the most. The two top donors were followers of Apple and Barack Obama. They literally blew it out of the water compared to the others. Not many Musk people or Kanye followers were duped. Search for the graphic, it is interesting.
I wonder if those accounts are seen as more trustworthy? When this broke I wasn’t surprised to see e.g. Musk’s account had been hacked. Obama and Apple surprised me – surely they know about security? They wouldn’t be phished? But it’s actually twitter which got hacked, which I wasn’t expecting.
This should be said in a more concise manner.
“The only winner in a lottery is the organizer.”
Please don’t add any nationality to news to make headlines, it shows you are not professional and some of your news is fake. The teen behind this is from Florida, not Nigerian. Take this news down or we start a campaign on this.
The title of this article alludes to a commonly known scam often referred to as the “Nigerian Prince Scam” because of the text used in those emails. It does not assign a nationality to the people who perpetrated this scam. Please see the wiki page on advance-fee scams for more background on this.