Twitter confirms third-party involvement in crypto hackings
San Francisco: Micro-blogging site Twitter has confirmed that a third party software provider is responsible for the series of cryptocurrency-related hackings on its platform.
A Twitter spokesperson said attackers exploited a third-party marketing solution to blast fake Bitcoin giveaway links from a slew of verified accounts, The Next Web reported on Friday.
The confirmation comes days after a number of high-profile public figures and brands including Elon Musk and Google got their accounts breached to propagate malicious cryptocurrency giveaway links.
To make the accounts appear legitimate, the scammers used accounts with Twitter’s own verification mark.
In such cases, clicking on any of the links in the scam guided users to a page where they were urged to send anywhere from 0.1-one Bitcoin to the scammers — with the promise that they would receive one-10 Bitcoin as a reward, the media had reported.
But the victims never received any Bitcoin after sending money to the scammers.
The scam is made to seem more trustworthy as various other compromised accounts reply to the tweet claiming that it works.
“The confirmation the hackings originated from a third-party app explains how the attackers managed to run the Bitcoin giveaway scam at such a large scale and in such an organised manner,” the report added.