This week was filled with news, reports, and speculations about the Twitter hack which luckily resulted in a minimum loss of funds relative to other major incidents this year. Additional details are available about the Cashaa exchange hack and Ethereum devs open a bug bounty program for the upcoming 2.0 upgrade.
On Wednesday July 15, 2020, Twitter.com experienced a mass scale attack resulting in the compromise of cryptocurrency related, celebrity, company accounts. Hijacked accounts were used to advertise a giveaway scam first hosted on a cryptoforhealth[.]com and after the site was taken down in the tweet itself:
There are several reports about the perpetrators behind the attack. It boils down to a group of young adults who managed to social engineer Twitter employees to access internal tools. The attackers have used a similar scheme in many previous campaigns together with massive blobs of corrupted Unicode left over from a Russian phishing kit.
Shortly after the scam campaign was over multiple blockchain analytics companies have started tracking stolen Bitcoin to mixing services, exchanges, and gambling sites. While the incident resulted in 130 Twitter accounts hijacked and about $120k worth of Bitcoin stolen this could have been a lot worse if not for a low sophistication of attackers, scam website quickly going down, and exchanges blocking sends to scammers’ addresses.
Cashaa provided some updates on the incident last week. The theft reportedly came from an employee running OTC operations from his personal, malware infested machine while using a bunch on 3rd party wallets.
Ethereum 2.0 developer is challenging White Hats to find bugs in the upcoming network upgrade.
Thanks for joining me this week and see you in another edition of Blockchain Threat Intelligence newsletter. In the meantime, head over to /r/blocksec for up to date information on the current threats.