Twitter is Struggling To Contain the Bitcoin Scam Outbreak

Google's official G Suite Twitter account is the latest victim of an ongoing bitcoin scam that has been plaguing the social media platform for the last few weeks. Earlier on Wednesday, Target saw a similar hack. From a report: G Suite might be the highest-profile target of the scam yet, which saw fake, promoted tweets that appeared to originate from the G Suite account pop up in users' timelines this afternoon, directing them toward a scammy bitcoin address as part of a "giveaway." From another report: The hackers have also hacked other high-profile accounts and made similar pledges, Twitter confirmed. In multiple cases, they have impersonated Elon Musk, the CEO of Tesla and SpaceX, and made a similar bitcoin pledge. To do so, they installed Musk's Twitter photo on the verified Twitter accounts they hacked and changed the accounts' display name to his. Musk's genuine Twitter account has not been compromised. In this incident, the scammers direct unsuspecting Twitter users to click on a giveaway link and to send bitcoin payments to them. By sending a certain amount, users are dubiously promised more bitcoin in return. Victims are also promised a chance at winning more. In some cases, the hackers have apparently paid Twitter to promote the ads. It was not immediately clear why Twitter was not able to stop those promotions from occurring.

Fake accounts for gathering fairy dust

[WoodstockJeff]

Hacking the stupid is always easy.

Re:Fake accounts for gathering fairy dust

Right. Social media is the latest stupidity where everyone is welcome and excessive participation encouraged. When I was a youngster TV was said to rot ones mind. I feel nothing but nostalgia for those days,,,

Re:Fake accounts for gathering fairy dust

Haha Jeff, you're the biggest "fairy" of them all!

Re: Fake accounts for gathering fairy dust

I suck big cocks. ... apk

Re:Fake accounts for gathering fairy dust

You are correct and this isn't materially different from a standard issue email phishing campaign. I didn't see the others, but the fake Musk tweets bore all the hallmarks....poorly worded, robot generated account name, too good to be true claims....all that stuff.

Twitter puts the actual account name right next to the label. If people can't be bothered to check it they'll just get scammed some other way.

Re:Fake accounts for gathering fairy dust

[alvinrod]

Is this even hacking so much as social engineering? It sounds like the only step in here that might have involved hacking was getting access to an account with verified status, but my guess is that they used some form of social engineering to do that as well. Just target people with bogus emails claiming to be Twitter and eventually someone will enter their credentials into the bogus website you've set up or give the information to someone over the phone.

I wish that the news media would quit getting everyone riled up about hacking, when hacking didn't occur. Social engineering is hardly new. Hell, it features quite prominently in the Bible among other stories that stretch back to antiquity.

Re:Fake accounts for gathering fairy dust

[Kaenneth]

Twitter needs to stop being retarded, and just remove the 'Verified' mark if a user changes their display name.

Re:Fake accounts for gathering fairy dust

Is this even hacking so much as social engineering?

First it was "software engineering."

Now it's "social engineering."

I think I'll go do some solitary engineering now.

Re:Fake accounts for gathering fairy dust

Is this even hacking so much as social engineering?

In the modern world, quad-copters are drones, proxies are VPNs, any form of malware is a virus, and social engineering is hacking.

Re:Fake accounts for gathering fairy dust

[rtb61]

This kind of behaviour on crypto currencies will just get worse and worse, as the market shrinks to mainly criminals and the get rich quick gullibles, it is nasty and getting nastier, as the pool of money shrinks and the criminals are trying to steal as much as they can before the crypto ponzi lake mainly dries up. At foetid pool for nothing but criminal transactions will be all that remains better not have too much crypto, because they will find your remains after you fess up the password.

Re:Fake accounts for gathering fairy dust

[michelcolman]

To be fair, the tweets appeared as replies to Musk's real tweets, had the same picture, the name "Elon Musk" and a very similar account name (e.g. "@elormusk"). The first time I saw one, I thought for a moment that it was genuine, it just seemed very strange for him to do anything like that. Then I read you were supposed to send a small amount first, which was even more suspicious, and then I finally noticed the slight difference in the account name.

So I didn't fall for it, but apart from the unlikeliness of the whole thing, it wasn't that easy to spot as fake.

It took a very long time for Twitter to do anything at all about this scam. How hard can it be to let someone take a second look at all acounts that are being renamed to "Elon Musk" or, as they started doing later, "Elon Musk " with a bunch of spaces behind the name? These campaigns have been going on for many months now.

Re:Fake accounts for gathering fairy dust

[michelcolman]

Also, how hard can it be to spot a picture that's identical to the original?

Of course the next step would be a picture with one or two pixels changed, or shifted by a few pixels, but a very simple AI should be able to deal with that just fine

Then of course they could use adversarial pictures to fool the AI, but that would take a lot more expertise and knowledge of the exact AI used.

Re:Fake accounts for gathering fairy dust

[michelcolman]

That would be a logical solution, indeed. I think you nailed it when you used the word "retarded".

Legit offer

For every one Bitcoin sent to this address:
18awryFxpSG2C1PRHWCteoak94HfdFbnfD

I will send 1000 Dogecoins in return! Simply reply with your Dogecoin address below!!

This offer is 100% legit!!!

Re:Legit offer

wow
what you doing
such crypto
so very coin
much want

The answer seems very simple...

Display name changes of verified users must be explicitly approved, or require re-verification with the new name.

Twitter doesn't care.

Now, if it''s conservative voices, or, say, something like the NPC meme that is sufficiently reflective of reality that it really gets under liberal's skins, they're all over it.

This? Meh. They'll just use their inability to stop this as evidence that teh russians h@x0r3d teh lection.

Re: Twitter doesn't care.

Because its all about the money!

Re:Twitter doesn't care.

It really takes so very little to trigger a rightwinger these days.

Sorry, baby boys, the world is no longer a giant safe place for white male mediocrity!

Re:Twitter doesn't care.

The NPC thing is hilarious because the talitrumpers just repeat stuff they've heard all the time without actually thinking about it. Especially the NPC meme. Self awareness has never been a strong suit for the trumptards.

Dear Twitter

[mysidia]

For starters..... make Two Factor Authentication using a hardware token such as Gsec token a mandatory requirement for enabling the Verified mark........ Secondly compromise of an official Google account makes one suspect exploitation of some kind of hole in Twitter's systems; mainly b/c Google goes the extra mile in regards to security ---- its difficult to imagine anyone could have scammed G suite creds from them easily. Also the sudden serial compromises of multiple other high-profile Twitter accounts that hadn't happened before? Very suspicious.

Re:Dear Twitter

They didn't scam Google's creds you imbecile, they created a Twitter account of their own, copied Google's .jpegs for their profile photos, and labeled their account with the same text.

This is the same as if I sent you an email from an account with the label asking for your creds, with a link to lolitsnotmysidiasbank.com, which you followed and entered your creds in, which I then used to clean out your bank account.

Re:Dear Twitter

[EvilSS]

In that case the real G Suite account wasn't compromised, someone made a look-alike account and got the tweet promoted. Note in the article there isn't a check-mark on the scam tweet's account. Twitter does support hardware tokens, such as the Google Titan Fido U2F keys, which I'm sure the G Suite employees all have (since Google made them mandatory for employees/contractors).

Re:Whiny Trumptard blathers incoherently, news at

Orange man bad!
Orange man bad!
Orange man bad!

Breaking News!!!

Tesla investors are now calling on hackers to fully manage Elon Musks Twitter account.

"We found that the hackers posts were actually less likely to draw SEC attention" said one investor.

Another added "even after losing 10 Bitcoin to the scam we still did better than if we had allowed Elon to get us another $20m fine."

"struggling"

[bobmagicii]

lol, struggling, yeah, right. correct headline "not really trying"

Target scam was pretty good.

[kiwioddBall]

I got this promoted post in my Twitter feed. I still don't know how it was done.

Anything you say about being stupid ain't true. The only way of detecting it was a scam was that crypto was involved.

The account was verified, it had the Target twitter picture, It was called Target, and the real clincher was that the address of the account was displayed as @Target (can't remember the upper or lower case). It looked identical.

I was surprised, and visited tha actual Target twitter account to see their tweets and replies and couldn't see where this tweet had been posted. The only inconsistency.

There were replies below the tweet that looked like they were from Best Buy etc that also looked genuine in the same way including the @ address.

The fake Elon Musk tweets have his picture, are verified, have the elon musk name, but the @ address is always some rubbish. The Target post was not that.

Twitter have some explaining to do.

Re:Target scam was pretty good.

Any twat that uses Twitter has some explaining to do.

Re:Target scam was pretty good.

[sourcerror]

Well, Twitter was stupid to allow to change the name of a verified account without doing the verification again.

Re:Target scam was pretty good.

There's something like this going on Instagram right now involving fake Lowes "reward" accounts that comment on posts. They seem to get deleted really quickly though.

Re:Target scam was pretty good.

[OverlordQ]

Those accounts aren't verified.

Re: Target scam was pretty good.

For me the tipoff was that the picture was of Max Zorin.

Re:Target scam was pretty good.

[GrumpySteen]

The only way of detecting it was a scam was that crypto was involved.

The whole thing was based on the most basic model of scams; "send us some money first and we'll send you even more in return!"

Nobody should ever fall for that type of scam, but some people do because they're blinded by their own greed and they overlook clues that should be painfully obvious.

Re:Target scam was pretty good.

Hmm.. I mean they did indeed use Target's account, but the posting itself was full of grammatical errors. Even if you ignore the extreme unlikeliness that a major retailer would have some weird Bitcoin promotion, it was pretty dang obvious just by the poor wording that it was not legitimate.

Re:Target scam was pretty good.

That's to make sure only idiots fall for it.

Re:Target scam was pretty good.

Yeah, in college I called to sign up for being a secret shopper, but on the phone call they were asking for my CC info.

I figured, if this was legit, they wouldn't need this, they could either send me a card, or reimburse me after the fact, so I asked them why they needed that, got a poor reply, and hung up.

Re:Target scam was pretty good.

[radarskiy]

"visited tha actual Target twitter account to see their tweets and replies and couldn't see where this tweet had been posted. The only inconsistency."

A promoted post will not necessarily appear in the account's tweets. For example, @Apple has zero tweets but plenty of promoted posts.

Re:Target scam was pretty good.

[thegarbz]

Of course they are. They just aren't verified as belonging to the account they claim they are. If you change your twitter handle you don't lose the verified mark.

Re: Target scam was pretty good.

[Megane]

That was so far from left field that I had to use google to be sure I was remembering correctly. Too bad he wasn't able to set off that super earthquake. I guess he didn't die from that fall after all, there's still hope!

hacking hackers did done hacking! with hacks!

Computer security "hacking" doesn't mean anything at all so bickering about what is and is not "hacking" is a completely futile exercise.

It is the modern way to spell "we know nothing but we like your clicks so we'll lure you in and waste your time." This is what msmash considers decent slashdot filling.

Few Weeks?

[Thelasko]

This has been going on for at least a year!

Re: Few Weeks?

The bitcoin scam has been going on a lot longer than that.

Re: Few Weeks?

the FIAT MONEY scam has been going on EVEN LONGER. enjoy your SLAVERY, if you guys need me i'll be on the MOON

Re:Whiny Trumptard blathers incoherently, news at

Orange fag dumb!
Orange fag dumb!
Orange fag dumb!

This should be simple

If a tweet or ad promotes bitcoin or blockchain, it's a scam.

Re:This should be simple

If a tweet or ad promotes anything it's a scam.

Temp fix

Is it difficult to just put a temporary "if(newname=="Elon Musk") flagTheAccount();" into the code? Yeah it doesn't solve the root problem I know but does that matter?

Saw it 3 times

[mhkohne]

Under different names. I didn't screen shot them, but it looked to me like the text was the same on each of them. I'm unclear why they simply couldn't cut off any promoted tweet with the offending text.

Honestly, if I were them, I'd simply cut off any promotions featuring bitcoin and be done with it.

Easy solution

Just auto-word filter Bitcoin to Shitcoin at all times, on all platforms.

Re:Easy solution

I already filter it in my head as "Buttcoin".