Hackers behind the Twitter breach early on Thursday embedded a Monero (XMR) centric message on several of their Bitcoin transactions—paying $11 in costs to do so.
“You take risks when you use Bitcoin for your Twitter game, why not Monero,” read seven different wallets (transactions accessible here).
A pro-Monero statement
Hackers altered the recipient wallet addresses to include personalized alphanumeric keys, choosing to go with the pro-Monero stance.
Monero is a private cryptocurrency famed for masking wallet and transactional information. This is unlike Bitcoin or most others—whose pseudonymous nature allows analytics firms to trace wallet activity to individual users.
Members of the Monero forum on Reddit seemed pumped with the mention. “All those Bitcoins will be washed clean with Monero,” said one user on a relevant thread.
“I think it was strategic. More people have BTC than XMR. It also isn’t easy to figure out how to use Monero, not entry-level crypto,” said another user on another thread.
Meanwhile, Monero’s Riccardo Spagni tried explaining why the hackers asked for Bitcoin instead of XMR. His tweet was a response to a relevant comment thread:
Bitcoin is a billion times easier to buy than Monero. It has a name that is instantly recognisable, where most of the people that saw the Tweets would never have heard of Monero. Bitcoin addresses are significantly shorter than Monero addresses, leading to more space in Tweets.
— Riccardo Spagni (@fluffypony) July 16, 2020
Spagni pointed out Ripple’s account was similarly breached as well, but the lack of outreach meant zero XRP was eventually sent to the hacker-provided XRP wallet address.
The Twitter breach revealed a lack of privacy for influential accounts. If misused, it could mean many drastic consequences than a simple Bitcoin scam.
On-chain analytics firm Chainalysis is tracking the Bitcoin funds, approx. $120,000 at current rates. No funds have been cashed out yet:
[THREAD] Here’s what we know so far about today’s #Twitterhack & #Bitcoinscam. As of now, the scam’s main BTC address (bc1…0wlh) received ~$120k in donations in 375 transactions. No funds have been cashed out at exchanges yet. pic.twitter.com/Jg9og3CFCz
— Chainalysis (@chainalysis) July 16, 2020
Industry heads speak up
As CryptoSlate reported earlier today, popular Twitter accounts were compromised to send out Bitcoin-centric scam messages like donating to “CryptoForHealth” or receiving a “generous” gift from power users.
The Twitter infiltration was more of a statement than a money grab anyway. Hackers made north of 12 Bitcoin (approx. $118,000)—a small amount considering the widespread extent of the vulnerability. Binance, Gemini, Vitalik Buterin, Coinbase, Ripple, and a host of other crypto-centric, influential accounts saw their Twitter accounts hacked.
Dmitro Volkov, CTO at crypto exchange CEX.io told CryptoSlate:
“Now there are discussions among the community regarding the following version of events – the hacking could have been conducted by employees inside Twitter. But this is just talk between market participants, and there is no definitive proof at the moment.”
“The small result is quite fortunate and reflects quite favorably on battle-hardened crypto users, many of whom by now are experienced in fending off social engineering attacks and other forms of hacks and scams,” said Matthew Graham, the CEO of Sino Global Capital.
Twitter was hacked.
Bitcoin has never been hacked.
— Pomp ? (@APompliano) July 16, 2020
The outrage was not limited to crypto celebrities. Elon Musk, Joe Biden, Kayne West, Mike Bloomberg, Kim Kardashian, and even Bill Gates were affected. The gist was similar: Donating some Bitcoin to a given address with the allure of doubling the stash.
Several prominent figures in the crypto sector have since commented on the matter. American Congressman Tom Emmer seemed to take a pro-Bitcoin stance while calling out centralized companies on the matter:
Bitcoin isn’t the problem. Centralized control is.
— Tom Emmer (@RepTomEmmer) July 16, 2020
Jonathan Leong of BTSE told CryptoSlate:
“The widespread awareness and discussion of this scam was a silver lining. Had they scammers not attack so many high profile accounts, it is possible that most people would be not aware of this scam, and that there would be more victims.”
Twitter has issued an apology and said they are investigating the matter. A support thread early on Thursday said the attack stemmed from a “social engineered” issue which saw hackers side an ex-Twitter employee; one who had admin access to prominent accounts.