Nexo

Start Earning Up to 16% Interest Automatically

Learn More
Home » Analysis » Twitter Responds to CryptoForHealth Phishing Campaign; Investigation Ongoing

Twitter Responds to CryptoForHealth Phishing Campaign; Investigation Ongoing

by

Twitter has attempted to stop an ongoing attack by locking down high-status accounts.

Investigation reveals secret btcp premine

Key Takeaways

  • Twitter has locked down verified or "blue check" accounts to prevent a phisher from accessing those accounts.
  • The CryptoForHealth phishing campaign has earned $120,000 of Bitcoin in just a few hours.
  • General users can continue to use Twitter as normal.

Share this article

Twitter has responded to an ongoing phishing campaign that has compromised dozens of verified user accounts.

Verified Accounts on Twitter Locked

According to Twitter, some users will not be able to tweet or reset their passwords while Twitter resolves the issue.

It appears that this course of action only affects verified “blue check” users such as celebrities, journalists, politicians, and corporations. Some users’ reports suggest that verified accounts can publish scheduled tweets and retweet other users’ tweets, but cannot post new content.

The restrictions do not seem to apply to general users, who have continued to post throughout the phishing campaign.

Twitter’s accounts have not been compromised during the attack, despite photoshopped screenshots suggesting otherwise. However, Square’s Cash App, which has close ties to the social media platform through founder Jack Dorsey, was briefly compromised.

Attack Isn’t Over Yet

Twitter’s restrictions have not stopped the attacker. As of 12:30 UTC, the hacker’s Bitcoin account is still receiving crypto and has accumulated a balance of 12.8 BTC ($118,000).

The attacker may be running phishing campaigns on platforms outside of the social media site as well.

Two hours ago, Twitter wrote to confirm that a social engineering attack had targeted employees. They have reportedly locked affected accounts, removed tweets posted by the attackers, and have “taken significant steps to limit access to internal systems and tools while our investigation is ongoing.”

As the investigation unfolds, Crypto Briefing will continue to provide updates on the matter.

Share this article

The information on or accessed through this website is obtained from independent sources we believe to be accurate and reliable, but Decentral Media, Inc. makes no representation or warranty as to the timeliness, completeness, or accuracy of any information on or accessed through this website. Decentral Media, Inc. is not an investment advisor. We do not give personalized investment advice or other financial advice. The information on this website is subject to change without notice. Some or all of the information on this website may become outdated, or it may be or become incomplete or inaccurate. We may, but are not obligated to, update any outdated, incomplete, or inaccurate information.

Crypto Briefing may augment articles with AI-generated content created by Crypto Briefing’s own proprietary AI platform. We use AI as a tool to deliver fast, valuable and actionable information without losing the insight - and oversight - of experienced crypto natives. All AI augmented content is carefully reviewed, including for factural accuracy, by our editors and writers, and always draws from multiple primary and secondary sources when available to create our stories and articles.

You should never make an investment decision on an ICO, IEO, or other investment based on the information on this website, and you should never interpret or otherwise rely on any of the information on this website as investment advice. We strongly recommend that you consult a licensed investment advisor or other qualified financial professional if you are seeking investment advice on an ICO, IEO, or other investment. We do not accept compensation in any form for analyzing or reporting on any ICO, IEO, cryptocurrency, currency, tokenized sales, securities, or commodities.

See full terms and conditions.