A recent Bitcoin scam on Twitter that compromised several major companies verified accounts came from a third-party app, tech news outlet the Next Web (TNW) reports citing social media officials.
Speaking to TNW, a Twitter spokesperson confirmed that the attack came from an outside software provider and not from Twitter’s own system. However, the official refrained from naming the app.
The spokesperson reportedly explained that the attackers exploited a third-party marketing solution to launch a Bitcoin (BTC) giveaway from several verified accounts, including Google’s G Suite and major U.S. department store retailer Target.
The information was implicitly confirmed by Target. Its representatives told TNW that the hackers used a third-party marketing app, authorized to post content on Target’s behalf.
On Wednesday, Nov. 14, hackers took over G Suite and Target accounts (800,000 and 1.92 million followers, respectively) and posted malicious cryptocurrency giveaway links. The message in G Suite’s account also falsely claimed that users could make payments in G Suite using cryptocurrencies.
Moreover, in early November several verified Twitter accounts, including those of film production firm Pathe U.K. and U.S. politician Frank Pallone Jr., were breached to pose as Elon Musk. Once hackers gained control of accounts, they changed the profile picture and name in order to pose as Elon Musk and offer scammy Bitcoin giveaways.
Bitcoin scammers have already posed as Elon Musk for several times, prompting the Tesla founder to seek help from Jackson Palmer, the creator of Dogecoin (DOGE), who claimed to have invented an anti-scam script.