Twitter Responds to CryptoForHealth Phishing Campaign; Investigation Ongoing

Twitter has attempted to stop an ongoing attack by locking down high-status accounts.

Investigation reveals secret btcp premine

Key Takeaways

  • Twitter has locked down verified or "blue check" accounts to prevent a phisher from accessing those accounts.
  • The CryptoForHealth phishing campaign has earned $120,000 of Bitcoin in just a few hours.
  • General users can continue to use Twitter as normal.

Share this article

Twitter has responded to an ongoing phishing campaign that has compromised dozens of verified user accounts.

Verified Accounts on Twitter Locked

According to Twitter, some users will not be able to tweet or reset their passwords while Twitter resolves the issue.

It appears that this course of action only affects verified “blue check” users such as celebrities, journalists, politicians, and corporations. Some users’ reports suggest that verified accounts can publish scheduled tweets and retweet other users’ tweets, but cannot post new content.

The restrictions do not seem to apply to general users, who have continued to post throughout the phishing campaign.

Twitter’s accounts have not been compromised during the attack, despite photoshopped screenshots suggesting otherwise. However, Square’s Cash App, which has close ties to the social media platform through founder Jack Dorsey, was briefly compromised.

Attack Isn’t Over Yet

Twitter’s restrictions have not stopped the attacker. As of 12:30 UTC, the hacker’s Bitcoin account is still receiving crypto and has accumulated a balance of 12.8 BTC ($118,000).

The attacker may be running phishing campaigns on platforms outside of the social media site as well.

Two hours ago, Twitter wrote to confirm that a social engineering attack had targeted employees. They have reportedly locked affected accounts, removed tweets posted by the attackers, and have “taken significant steps to limit access to internal systems and tools while our investigation is ongoing.”

As the investigation unfolds, Crypto Briefing will continue to provide updates on the matter.

Share this article

Loading...