Share this article
Official Twitter accounts across the cryptocurrency space have been compromised. Accounts for Binance, Justin Sun, Changpeng Zhao, Gemini, and KuCoin all appear to have been hacked. Even Elon Musk’s account was compromised.
All four of the compromised accounts have pinned a similar tweet at the same time on their profile, which says, “We have partnered with CryptoForHealth and are giving back 5000 BTC to the community.” The tweet then directs users to a suspicious link.
I’m feeling generous because of Covid-19.
I’ll double any BTC payment sent to my BTC address for the next hour. Good luck, and stay safe out there!
— Elon Musk (@elonmusk) July 15, 2020
A quick look at the CryptoForHealth website indeed confirms it’s a website related to an airdrop scam. An airdrop scam entices users into sending some crypto, mainly Bitcoin and Ethereum, to a particular wallet address and then promises to give back double the amount. The scammer then disappears with the collected cryptocurrency. The scammer then runs away with the collected cryptocurrencies.
Crypto Twitter was quick to point out something fishy regarding the tweets and warned the users about a possible compromise of the Twitter accounts.
How did the hack happen?
So far, there is no official explanation by the parties involved regarding the incident. One explanation given by the author of Mastering Bitcoin, Andreas Antonopoulos, suggests that maybe a popular third-party posting service that uses Twitter API might have been compromised.
It seems like some Twitter API posting service has been compromised and being used to send out fake “giveaway” tweets from popular crypto/blockchain accounts. “CryptoForHealth” is a scam.
No way are all these accounts unprotected by strong passwords and TOTP 2FA
— Andreas ☮ 🌈 ⚛ ⚖ 🌐 📡 📖 📹 🔑 🛩 (@aantonop) July 15, 2020
At the time of the writing, the scam address has accumulated over 0.65 BTC and continues to grow. This story is still developing.[Update]
The website CryptoForHealth has been marked as a suspected phishing website by Cloudflare and is not accessible.
The latest Twitter account to be compromised is of Bill Gates, currently the world’s second-richest person. The attackers seem to have shifted their tactics. Instead of asking people to redirect to a different website, the attackers are tweeting a scam address through the official accounts. So far, over 10 bitcoins have been collected in total, with over 5 Bitcoin just from the address shared through Bill Gate’s official Twitter account.