Twitter hackers who targeted Elon Musk and others received $121,000 in bitcoin, analysis shows

Twitter hackers who targeted Elon Musk and others received $121,000 in bitcoin, analysis shows

  • On Wednesday, the Twitter accounts of some of the most famous people in the country were compromised as part of an apparent bitcoin scam.
  • For their efforts, the scammers received 400 payments in bitcoin, with a total value of $121,000 at Thursday’s exchange rate, according to an analysis of the Bitcoin blockchain.
  • The total is a low sum for what appears to be a historic hack that Twitter said involved an insider, said Tom Robinson, co-founder of Elliptic, the cryptocurrency compliance firm that performed the analysis.

On Wednesday, the Twitter accounts of some of the most famous people in the country were compromised as part of an apparent bitcoin scam.

Victims included Democratic presidential candidate Joe Biden, former President Barack Obama and Tesla CEO Elon Musk. Accounts for those people, and others, posted tweets asking followers to send bitcoin to a specific anonymous address.

For their efforts, the scammers received over 400 payments in bitcoin, with a total value of $121,000 at Thursday’s exchange rate, according to an analysis of the Bitcoin blockchain performed by Elliptic, a cryptocurrency compliance firm.

Elliptic co-founder Tom Robinson said it’s a low sum for what appears to be a historic hack that Twitter said involved an insider.

“Given the scale of the compromise I don’t think that’s very much, but what we often see with these type of exploits is that the exploit itself can be very sophisticated but they’re not very good at monetizing it,” Robinson said.

The scammers posted three separate bitcoin addresses and one address for the cryptocurrency Ripple, which didn’t receive any transactions, Robinson said.

The largest transaction received by the scammers was one payment of about $42,000, which could be traced back to a Japanese cryptocurrency exchange, Robinson told CNBC.

CNBC could not verify who sent the bitcoin or if all of the money was proceeds from the scam. It’s possible the scammers sent money to their own wallet to make their con look more successful.

Robinson said the people who fell for the racket were “a strange segment.”

“It’s people who are sophisticated enough to have crypto in the first place because otherwise they probably wouldn’t have been able to make the payments in that short period of time, but also not crypto sophisticated enough to recognize the scam,” Robinson said.

Shortly after the wallet started receiving funds, it started transferring them to different addresses. Robinson says that the scammers are probably doing this to “cash out.” There could be benefits to moving fast before exchanges where cryptocurrency can be traded for cash or other coins block the addresses, he said.

Gemini, a major U.S. exchange, said it blacklisted the affected bitcoin addresses on Wednesday.

The scam tweets posted on Wednesday are similar to past scam tweets asking for bitcoin, with one major difference: The attackers were able to post them from compromised verified accounts with lots of followers.

Elon Musk’s Twitter account was the first high-profile account to post a bitcoin tweet. Crypto scammers have targeted Musk in the past by creating dummy accounts that emulate Musk’s account name and profile picture. They use those dummy accounts and reply to Tesla or SpaceX tweets asking for bitcoin.

“If you liked the article, share it in ...”