By Satnam Narang, Staff Research Engineer at Tenable
“Several notable Twitter accounts in the cryptocurrency space have seemingly been hacked in a mass coordinated attack, including exchanges like @Coinbase, @Binance, @Gemini, @KuCoin, @Bitfinex, CEOs and founders like @CZ_Binance, @JustinSunTron, @SatoshiLite, cryptocurrency accounts like @TronFoundation, to promote a COVID-19 cryptocurrency giveaway scam.
The accounts tweeted that they “partnered with” a company called CryptoForHealth. The domain for this website was registered on July 15. The website itself claims that, to help with the hard times endured by COVID-19, they’re partnering with several exchanges to provide a “5000 Bitcoin (BTC) giveaway” which is a ruse for advanced free fraud.
In separate but related attacks, the verified accounts of Bill Gates, Elon Musk and Uber were also compromised to promote a cryptocurrency giveaway. Their tweets used the same Bitcoin address we observed on the CryptoForHealth site, indicating that this is likely a coordinated attack.
The hackers ask users to send anywhere between 0.1 BTC to 20 BTC to a designated Bitcoin address and that they’ll double victims’ money. This is a common scam that has persisted for a few years now, where scammers will impersonate notable cryptocurrency figures or individuals. What makes this incident most notable, however, is that the scammers have managed to compromise the legitimate, notable Twitter accounts to launch their scams. Because the tweets originated from these verified accounts, the chances of users placing their trust in the CryptoForHealth website or the purported Bitcoin address is even greater. This is a fast moving target and so far over $50,000 (INR 3760940) has been received by the Bitcoin address featured on the CryptoForHealth website and in Elon and Bill Gates’ tweets.
We strongly advise users never to participate in so-called giveaways or opportunities that claim to double your cryptocurrency because they’re almost always guaranteed to be a scam.”