Yesterday, on July 15th, Twitter experienced a massive coordinated attack by hackers that gave them access to internal systems and tools. Once the hackers gained access to these systems, they overrode access to many high-profile accounts, which allowed them to bypass 2FA (two-factor authentication) on protected accounts as well.
The accounts accessed include those of former U.S. President Barack Obama, presidential candidate Joe Biden, as well as Bill Gates, Jeff Bezos, Elon Musk, Kanye West, and many more. These hackers then proceeded to post almost the exact same message about giving back to the community via Bitcoin. Essentially, the hackers called for users to send Bitcoin to a specific address and claimed that they would send back double the amount.
Typically, these types of attacks have involved single users - making this attack unique and at a much larger scale than Twitter had previously experienced. Truly, what these attacks showed is that there are backdoors within the Twitter platform that grant full editing power over every account, and more importantly, that these backdoors can be exploited.
However, I believe Twitter and the compromised accounts/users were very lucky in regard to what these hackers did once they gained control of these accounts. They simply chose to ask for Bitcoin via a Bitcoin scam ("If you send me 1x, then I'll send you back 2x"). For most cryptocurrency followers, this was an obvious scam; however, there were many non-crypto followers that were hearing of Bitcoin yet again - this time from what they believed to be an influential person. This significantly increased the profile of Bitcoin, leading many users to begin exploring what the cryptocurrency was, how it works, as well as how to trade it. I believe this led to generally positive press around Bitcoin. While, yes, many people see this as yet another cryptocurrency scam, it did lead many people to explore and learn what Bitcoin is. Additionally, while some users did send Bitcoin to the hackers' wallets, many exchanges, such as Coinbase, took note of what was occurring and halted outgoing transactions to those wallet addresses on their platforms - attempting to save users from losing their Bitcoins.
Overall, I believe these Bitcoin scams were less harmful than what these hackers could have done. By having access to so many high-profile accounts, they could have directed users to websites, shared some message or call to action, or even much worse - created geopolitical issues and/or manipulated stock prices, all of which would've been significantly more severe than asking for Bitcoins.
With that said, we still do not know the full extent of the hacks. For all we know, the hackers could have stolen personal information from the users, compromised private messages, or exploited a much larger underlying security issue within Twitter's backend.
This just goes to show, yet again, that users should be very careful with their social media platforms, and never put out information that they would not want to end up in the wrong hands. Hopefully, Twitter can discover the source of the attacks and/or how the hackers managed to get into its systems and in turn create a much more robust and secure platform.
It makes me wonder, with the many widespread benefits of decentralization - how long until we begin to decentralize the many platforms that we use daily to ensure our data is truly private and secure?
I'll leave you with this excerpt from Blockstack's blog post "Welcome to the Age of Apps that 'Can't Be Evil'":
"When it comes to big tech companies, promises made have become promises broken. There was a time when we trusted these once upstart companies without even thinking about it. After all, these were colorful companies with pleasant mottos who were just trying to connect us and make our lives easier. But, as they grew, and every aspect of our lives became more and more embedded in these services, most of us didn’t stop to think about the increasing amount of power, data, and rights we were handing over or the systemic risks involved in these relationships.
Today, it’s difficult to function in our daily lives without interacting with at least one of just a handful of companies. In the wake of massive breaches, shady data sales practices, and needlessly difficult privacy management features, promises are simply no longer good enough. As we take the lessons from this age of the internet and forge ahead building new online experiences, it’s critical that we build and support technology that can’t abuse users.
Decentralized computing protocols allow for ecosystems in which users don’t have to compromise their digital rights or data to engage with useful applications. There are over 100 such applications already in production using Blockstack’s end to end decentralized computing stack, with more on the way."