Bitcoin scammers use fake Elon Musk's Twitter account to steal $170k

Hackers took over verified accounts and changed the name to Elon Musk to promote Bitcoin scam

Scammers hack into reputable companies' Twitter accounts and use the name and profile picture of Elon Musk in an elaborate bitcoin giveaway scam

Tesla and SpaceX CEO Elon Musk is one of the most influential entrepreneurs in the world with a net worth of $22.3 billion as of 2018. Therefore, it is not surprising that his name would be eventually targeted by cybercriminals. This time, it is not his Twitter account that was compromised, but instead, hackers used verified accounts of other leading companies like UK fashion retailer Matalan, the US book publisher Pantheon Books, and a filmmaking studio Pathe UK.

Many Twitter users saw the alleged Elon Musk urging users to participate what seemed to be as “Bitcoin giveaway,” promising 10,000 bitcoin to the community for the participation. All they have to do is send the amount of 0.1-2 BTC into a provided bitcoin wallet.

While the scam messages were taken down in a few hours after the appearence, the bitcoin wallet used by bad actors managed to gain as much as $170,000 with a total of 401 transactions at the time of the writing.^[1]

Hackers used several tricks to make the scam believable

The scheme of the bitcoin scam is relatively simple: bad actors hack into Twitter account of the well-known company or a famous individual (these accounts have a blue checkmark – meaning that they are verified by Twitter) and change the name to “Elon Musk,” as well as swap the profile picture.

Using hacked account, crooks then compose a message using Tesla CEO's name that promotes bitcoin giveaway and is shown on thousands of users timelines thanks to Twitter's ad service.

All these factors contribute to the legitimacy of the scam, resulting in many users transferring seemingly insignificant BTC amount to the provided wallet. However, the combined amount already equals to $170k, profiting scammers abusing the trust of gullible followers.

One of the hacked accounts (Pathe UK) promoted the following message on Monday (using the fake name of course):

I'm giving 10 000 Bitcoic (BTC) to all community!
I left the post of director of Tesla, thank you all for your suppoot!
I decided to make the biggest crypto-giveaway in the world, for all my readers who use Bitcoin.
Participate in giveaway – spacex.plus

The provided address leads users to a simple page that displays a bitcoin address, together with a convenient QR code. Allegedly, after the payment is made, users are entitled to the much larger sum of Bitcoin in return – up to 20 BTC.

The practice screams “it's a scam,” as it is asking for money to be sent, and is also littered with spelling mistakes.^[2] However, while most of the people did not agree to pay, those who did got cheated out of their money.

Multiple accounts were reset after the hack

Several accounts were taken down after the scam was reported just after a few hours, and the fake Elon Musk tweets deleted. After reclaiming the account, Pathe UK tweeted:^[3]

The Pathe UK Twitter account was hacked this morning by an unknown third party. A series of unauthorised tweets were sent for which we apologise. The issue has now been resolved and we have taken back control of our account

While the spokeswoman for Twitter claimed that the company is actively working on how to tackle cryptocurrency scams and that the number of hoaxes decreased by 10 times in recent weeks, the ordeal still raises many questions to security experts. Mainly how Twitter's ad service is handled and why the system did not recognize such strong clues like changed avatar or cryptocurrency being mentioned.

It is yet unknown how hackers managed to get access to reputable organizations' accounts, but it is likely that phishing was used in targeted attacks.

A similar scam plagued Twitter in March,^[4] also using Mr. Musk's name, although the accounts used did not have the “verified” badge. Other celebrities' Twitter accounts were targeted in the past – CEO of Telegram Pavel Durov^[5] and Litecoin founder Charlie Lee fell victims as well.