TWITTER HACK – High Profile Accounts affected. Read CoinDCX Pro’s Report.

Snapshot

• Twitter got hacked, accounts of major celebrities affected. 
• Approximate loss of $110,000 from 300 people. 
• Bitcoin is safe.

It was a bad day for Twitter when the social media platform started posting from the most powerful Twitter accounts in America about Cryptocurrencies on Wednesday. 

After the hacking incident, some popular accounts on Twitter have been temporarily  barred from tweeting for a while. Hence accounts of @smtgpt @CoinDCX and @nrjkhandelwal have been stopped from tweeting. We have raised a ticket with Twitter’s support team and will keep everyone posted.

What was the Twitter hack all about?

A well coordinated and planned attack on Twitter took place yesterday where Twitter accounts of major US celebrities and companies got hacked in a Bitcoin scam where hackers managed to accumulate about $110,000 in Bitcoins from about 300 people.

Twitter accounts of Bill Gates, Jeff Bezos, Elon Musk, companies like Apple and Uber and some of the leading cryptocurrency websites like Binance and Coinbase got hacked and shared one common message that these accounts were giving back to the community. Whoever sent $1,000 to the public address mentioned on the tweet would get $2,000 as a give away. 

Source – Twitter, Indian Express

Right after the attack went viral, Twitter CEO Jack Dorsey was seen sending tweets saying, “Tough day for us at Twitter. We all feel terrible this happened.” The company Twitter handle 

soon released another statement some time later saying, “We detected what we believe to be a coordinated social engineering attack by people who successfully targeted some of our employees with access to internal systems and tools.”

Although not much was lost due to the hack, this attack is surely one of the worst hacks that could happen to a social media platform. Some of the tweets from the hack that attacked the accounts of cryptocurrency exchanges by using phishing techniques are:

The website cryptoforhealth.com was soon flagged as a phishing site and popular Twitter accounts have been barred from tweeting to prevent such activity while the company works on its security policy. You can read more about phishing in our blog on the DCXLearn platform.  The Bitcoin wallet address mentioned in the tweets managed to get 12.865 BTC from the attack. 

In a series of tweets, @TwitterSupport acknowledged the “security incident” and informed users that they maybe be unable to tweet or reset passwords till the micro-blogging platform reviewed the incident.

We are aware of a security incident impacting accounts on Twitter. We are investigating and taking steps to fix it. We will update everyone shortly.

— Twitter Support (@TwitterSupport) July 15, 2020

We’re continuing to limit the ability to Tweet, reset your password, and some other account functionalities while we look into this. Thanks for your patience.

— Twitter Support (@TwitterSupport) July 15, 2020

We detected what we believe to be a coordinated social engineering attack by people who successfully targeted some of our employees with access to internal systems and tools.

— Twitter Support (@TwitterSupport) July 16, 2020

We also limited functionality for a much larger group of accounts, like all verified accounts (even those with no evidence of being compromised), while we continue to fully investigate this.

— Twitter Support (@TwitterSupport) July 16, 2020

Source – Twitter

You can find the complete series of tweets here. 

Clearly, the vulnerability that has been exploited was within the Twitter systems and not on the user side.Twitter said that its internal systems were compromised by the hackers, confirming theories that the attack could not have been conducted without access to the company’s own tools and employee privileges. Clearly, it wasn’t Bitcoin’s decentralized technology of Blockchain which was compromised in this case. Keeping aside the political implications this incident is going to have as Twitter is one of the most predominantly used platforms for political conversations, it is the technology and the security of the infrastructure which needs to be addressed in detail. 

Fraudulent activities in the financial sector are not limited to cryptocurrencies. The point to note here is Bitcoin transactions are irreversible, but are also traceable. Based on the monetary value, this incident is not of a large scale compared to other financial scams which have taken place in the last 2 years. This incident caught global attention because the accounts involved in this incident belong to some of the prominent celebrities on this planet. With Twitter taking steps to limit activities on its platform while investigating the issue, this is a time when the crypto + Tech industry must act collectively, monitor the scammers’ wallet closely, and also monitor for any transactions from that wallet. If the wallet is tied to an exchange that has KYC or adequate compliance measures in place, the exchange will be able to identify the individual or block transactions that might occur from the wallet.

Adding to this, this incident only brings a lesson on the improvements that global cybersecurity systems need and the steps we individually as a consumer of social media and fintech platforms should be taking to secure our funds and our data. There is a need across the globe to educate the public in order not to fall prey to such scams, and to protect themselves adequately against malicious criminal activity. 

To all CoinDCX Pro users, please follow the following guidelines:

Please follow the following guidelines:

1. Set up 2 – Factor Authentication – Setting up Two-Factor Authentication will ensure that no-one can access your CoinDCX Pro account without gaining access to both your password and the OTP.  Two-factor Authentication (2FA) is an extra layer of security for your CoinDCX Pro account that can be utilized to ensure that you are the only person who can access your account and ensure you are the only person who can perform account actions such as depositing, withdrawing, or trading. An authenticator app is usually installed on a smartphone and it generates a 6-8 digit passcode every 30 seconds. The passcode can be used for login, trading, and depositing or withdrawing funds from your account, or as a Master Key.
2. Always check your browser address bar – Always make sure the URL you’re visiting is: https://coindcx.com/. If the website you’re on looks exactly like ours but is even slightly different – you could be a victim of phishing and could lose control of your account. Bookmark the URL https://coindcx.com/. Remain vigilant!
3. Do not share sensitive information with anyone – While our community managers on Telegram and our support teams regularly converse with users over chat or call, no single CoinDCX Pro employee will ask for any sensitive information from you. The most any employee will ask is your email, phone number, and Support Ticket ID.
4. Use a strong password – We recommend that you use a strong password for your CoinDCX Pro account. While we have the highest levels of cryptocurrency security for our platform, using an easy-to-guess password leaves you vulnerable to “guess-hackers”.
5. Double-Check the recipient address – It is also essential that you double-check the recipient address and the amount as once its sent it cannot be retracted and is unrecoverable.
6. Beware of Scammers – Many hackers will try and use fraudulent techniques to obtain sensitive information by posing as a trustworthy entity. They send convincing emails while posing as a cryptocurrency exchange and acquire login details and personal passwords using phishing/social engineering. The hackers can use this information to access your cryptocurrency wallets causing harm. Avoid this by remaining cautious.
7. Phishing Scams – In a phishing scam, an attacker tries to disguise themselves as a trustworthy entity to trick you into giving them sensitive information that can be used to gain access to your devices and accounts to steal your money. Therefore, our clients must be very careful and practice good habits to avoid falling victim to these scams.

To learn steps to secure your account with Two-factor Authentication (2FA) on CoinDCX Pro, Click here