Twitter hackers of Elon Musk and others got $121,000 in bitcoin.
Victims included Democratic presidential candidate Joe Biden, former President Barack Obama and Tesla CEO Elon Musk. Accounts for those people, and others, posted tweets asking followers to send bitcoin to a specific anonymous address.
The Twitter hackers received over 400 payments in bitcoin for their efforts, with a total value of $121,000 at Thursday’s exchange rate, according to an analysis of the Bitcoin blockchain performed by Elliptic, a cryptocurrency compliance firm.
Tom Robinson, Elliptic co-founder said it’s a low sum for what appears to be a historic hack that Twitter said involved an insider.
“Given the scale of the compromise I don’t think that’s very much, but what we often see with these type of exploits is that the exploit itself can be very sophisticated but they’re not very good at monetizing it,” Robinson said.
According to Robinson, the scammers posted three separate bitcoin addresses and one address for the cryptocurrency Ripple, which didn’t receive any transactions.
The largest transaction received by the scammers was one payment of about $42,000, which could be traced back to a Japanese cryptocurrency exchange, Robinson told CNBC.
Who sent the bitcoin or if all of the money was proceeds from the scam, could not be verified by CNBC. It’s possible the scammers sent money to their own wallet to make their con look more successful.
The people who fell for the racket were “a strange segment”, Robinson said.
“It’s people who are sophisticated enough to have crypto in the first place because otherwise they probably wouldn’t have been able to make the payments in that short period of time, but also not crypto sophisticated enough to recognize the scam,” Robinson said.
As soon as the wallet started receiving funds, it started transferring them to different addresses. Robinson says that the scammers are probably doing this to “cash out.” There could be benefits to moving fast before exchanges where cryptocurrency can be traded for cash or other coins block the addresses, he said.
A major U.S. exchange, Gemini, said it blacklisted the affected bitcoin addresses on Wednesday.
The scam tweets posted on Wednesday are similar to past scam tweets asking for bitcoin, with one major difference: The attackers were able to post them from compromised verified accounts with lots of followers.
The Twitter account of Elon Musk was the first high-profile account to post a bitcoin tweet. Crypto scammers have targeted Musk in the past by creating dummy accounts that emulate Musk’s account name and profile picture. They use those dummy accounts and reply to Tesla or SpaceX tweets asking for bitcoin.