Twitter Bitcoin scam reached over 37% of Twitter’s userbase
On July 15th, 2020, between 20:00–22:00 UTC, cybercriminals took over multiple high-profile Twitter accounts to promote a Bitcoin scam. The hackers sent out tweets asking people to send cryptocurrency to a specified wallet, promising that the amount sent would be doubled and returned to the sender.
According to data analyzed by the Atlas VPN research team, the Twitter Bitcoin scam reached 382 million followers. Even former US President Barack Obama’s account, which is followed by more than one-third of Twitter’s users, was compromised.
As a result, in excess of US$110,000 in Bitcoin had been sent to the scammers’ wallet before Twitter deleted the tweets.
After the incident, Twitter reported that an employee cooperated with cybercriminals to carry out the hack. A Twitter spokesperson said the company is still investigating whether the employee hijacked the accounts themselves or gave hackers access to an internal tool.
The followers of the hacked accounts add up to over 382.6 million. Since followers overlap from one account to another, this does not represent the number of individual users.
By far, the biggest account affected was Barack Obama’s. His official Twitter account has 121 million followers.
Another victim was American media personality Kim Kardashian, who just reached 66 million followers.
Prominent figures in the music industry have also been affected—Wiz Khalifa’s and Kanye West’s accounts were hacked. Wiz Khalifa has 36.4 million followers, and Kanye West has 30.6 million followers.
The incident affected major brands such as Apple (4.6 million followers), Uber (1 million followers), and CashApp (1 million followers).
Several cryptocurrency exchange companies were also compromised. Binance (1.1 million followers), Coinbase (1.1 million followers), CoinDesk (849 thousand followers), and multiple other cryptocurrency-related companies’ accounts were affected by the hack.
After the fact, Twitter revealed that hackers accessed the direct messages inbox of up to 36 of the 130 targeted accounts. Moreover, scammers downloaded Twitter data of 8 accounts, including DMs, tweets, media, and other sensitive information.
Twitter's Userbase in 2020 Q2
Twitter is one of the most popular social media platforms globally. In July 2020, advertisers could reach around 326 million monetizable users, as stated on the DataReportal website.
However, in comparison to the first quarter of 2020, Twitter’s userbase dropped by 16% (61 million).
Twitter is most popular in the United States. Users in the US amount to over 19% of the total userbase, or 62.55 million unique users. Japan and India are ranked second and third in terms of individual users, with 49.1 million and 17 million users, respectively.
Brazil and the UK are fourth and fifth on the list, both having more than 15 million unique users.
The incident made it apparent that any social media platform can get hacked. No matter how many security measures users have in place to protect their social media accounts, those measures do not protect the accounts from insider threats.
An insider threat is a security concern to an organization that stems from employees within the company who have sensitive information about the organization’s security systems or data, or who hold administrative privileges.
A recent report by Reuters revealed that around 1,000 Twitter employees had administrative access to all accounts. Administrative access allows changing every user’s account settings. Even worse, employees can hand this access to others by simply sharing credentials.