Nick Chong · 6 days ago · 2 min read · Insights via Grayscale Investments
Bitcoin › U.K. › Scams
Scammers Steal £137,000 in Crypto Hacking, Posed As Verified Twitter Accounts
Attack of the Fake Elon
The hackers pirated the verified accounts of clothing store Matalan and film company Pathé UK, then claimed to be Elon Musk and promoted a phony giveaway via the social media accounts. The two accounts had a total combined following of around 100,000. By Monday night, the fraudsters managed to steal £137,000 from nearly 400 people donating to the fake contest as of Tuesday.
Once hacked, the accounts’ photos and names were changed to match Elon Musk’s official verified account, and the deception was aided by the fact that the accounts kept their blue verification check mark.
The fake Elon account claimed Musk was stepping down from Tesla and giving away 10,000 BTC to commemorate it. Most were able to spot it as a scam, but enough people were duped for the hackers to get away with a sizable amount of money via requests for BTC to “verify their address.” Users were encouraged to donate more BTC with the promise that they’d get much more back than they put in, “+200% back!” according to the scam page.
Wow… that scam tweet on my feed… quite sofisticated. It's not the real @elonmusk account, it's a fake, but it got twitter's verified symbol, and was promoted in twitter to appear in my timeline.
Careful when paying with bitcoins, because they are untraceable, great for scams pic.twitter.com/WS283DKMmQ
— Diego Bez. (@Diegobez) November 5, 2018
The first account hacked was Pathé UK, which was restored by yesterday afternoon, according to reports. Then came Matalan, who managed to regain their account much more quickly, even joking about the hack once they were back behind the controls, stating on Twitter:
“And we’re back! Apologies for the brief interlude. You know you’re important when someone takes the time to hack your account!”
The tweet has since been taken down.
A third account, American book publisher Pantheon Books, was allegedly hacked as part of the scam as well. The account has just over 70,000 followers, and as of this writing, all fake tweets have been removed.
Responding to the Breach
When asked about the security of their network, and the speed at which they could respond to these kinds of breaches, a spokesman from Twitter told the Telegraph that “impersonating another individual to deceive users is a clear violation of the Twitter rules,” adding:
“Twitter has also substantially improved how we tackle cryptocurrency scams on the platform. In recent weeks, user impressions have fallen by a multiple of 10 in recent weeks as we continue to invest in more proactive tools to detect spammy and malicious activity.”
Two-factor authentication (2fa) could be utilized to help prevent scams like this, as the accounts may have been phished, but users of verified accounts don’t seem to want to deal with the extra hassle to access their feed.
“Many verified accounts are used by multiple people, and I suspect some switch off some of the security features for ease of use — that’s where things tend to start going wrong,” Chris Boyd, lead malware intelligence at Malwarebytes, stated in an interview with tech site ZDnet.
Were the scammers able to steal more money as a result of the blue check marks? It likely lent a degree of credibility to something that would’ve immediately been dismissed as a scam otherwise.
However, much of the language and tactics smacked of typical scam behavior, notably the request of money for a dubious reason and the promise of a ridiculously high return. Similar tactics have been used by innumerable fake ICOs and false crypto companies hoping to make an easy buck, and awareness of scams is increasing as knowledge of what to look for becomes more widespread.