Twitter Responds to CryptoForHealth Phishing Campaign; Investigation Ongoing

Share this article

Twitter has responded to an ongoing phishing campaign that has compromised dozens of verified user accounts.

We are aware of a security incident impacting accounts on Twitter. We are investigating and taking steps to fix it. We will update everyone shortly.

— Support (@Support) July 15, 2020

Verified Accounts on Twitter Locked

According to Twitter, some users will not be able to tweet or reset their passwords while Twitter resolves the issue.

It appears that this course of action only affects verified “blue check” users such as celebrities, journalists, politicians, and corporations. Some users’ reports suggest that verified accounts can publish scheduled tweets and retweet other users’ tweets, but cannot post new content.

The restrictions do not seem to apply to general users, who have continued to post throughout the phishing campaign.

Twitter’s accounts have not been compromised during the attack, despite photoshopped screenshots suggesting otherwise. However, Square’s Cash App, which has close ties to the social media platform through founder Jack Dorsey, was briefly compromised.

Attack Isn’t Over Yet

Twitter’s restrictions have not stopped the attacker. As of 12:30 UTC, the hacker’s Bitcoin account is still receiving crypto and has accumulated a balance of 12.8 BTC ($118,000).

The attacker may be running phishing campaigns on platforms outside of the social media site as well.

Two hours ago, Twitter wrote to confirm that a social engineering attack had targeted employees. They have reportedly locked affected accounts, removed tweets posted by the attackers, and have “taken significant steps to limit access to internal systems and tools while our investigation is ongoing.”

Our investigation is still ongoing but here’s what we know so far:

— Support (@Support) July 16, 2020

As the investigation unfolds, Crypto Briefing will continue to provide updates on the matter.

Share this article