No, Elon Musk isn’t going to double any Bitcoin you send to him in the next hour. Neither is Uber, or CashApp, Apple, Bill Gates, Kanye West, Joe Rogan, former Vice President Joe Biden, former presidential candidate Mike Bloomberg, Coinbase, or any of the other cryptocurrency exchanges that have recently tweeted offering up a two-for-one special due to COVID-19.
But, you might think that if you’ve been on Twitter at all on Wednesday afternoon:
Musk’s account was just one of many high profile and celebrity accounts tweeting out Bitcoin addresses with promises of sending back double of whatever was sent. The message also stated that there was a finite time attached to the offer (“for the next hour”), making it appear that it was a limited-time offer and encouraging people to hurry before time ran out.
And it worked. As of this writing, the individuals behind the attack have gathered more than 12.2 Bitcoin from more than 325 transactions—that’s over $112,000 at current exchange rates.
Musk’s account was among the first that got widely noticed, and rumors began swirling about possible avenues for the attack. Twitter users wondered: Could Musk’s account have been hacked alone? No, multiple accounts were compromised, and two-factor authentication was reportedly enabled for a number of accounts that were hit. Confusion and theories abounded on the social media platform throughout Wednesday afternoon. Perhaps a social media management company that failed to secure its system is to blame, some wondered.
Then rumors on several Blackhat Discord groups began citing insider information that a Twitter employee panel was compromised, allowing for unfettered access to accounts. Similar tweets specifically mentioned “CryptoForHealth”, a website that was quickly stripped of its hosting by Cloudflare (the company handling load balancing for the site) and of its domain registrar, Namesilo.
Musk’s account in particular has always been a hot spot for cryptocurrency social engineering. It’s not uncommon to read one of his Twitter threads and see an impersonator posting a Bitcoin or Ethereum address. At one point, Musk was even named the honorary CEO of parody crypto, Dogecoin.
Interestingly, the bad actor(s) have avoided facing off with accounts like U.S. President Donald Trump or Twitter CEO Jack Dorsey, although former President Barack Obama and Biden were targeted by the scammer(s).
As the breach is only hours old, there’s not much to be known about who is responsible, though I’m sure we’ll learn more about it as time goes on. And even though the current six-figure take is relatively low, this is one of the most mainstream cryptocurrency-related hacks of all times. Larger than Mt. Gox, Bitfinex, and more conspicuous than any other previous Bitcoin-related Ponzi scheme. It will likely go down as one of the most famous Bitcoin social engineering scams to-date.
And at the very least, it had to have been a rough afternoon at Twitter’s headquarters.