Search This Blog

Showing posts with label Twitter Scams. Show all posts

Twitter Hack: Three Arrested in the Bitcoin Scam

Graham Clark, a resident of Tampa Florida has been arrested under charges of being involved in July’s Twitter hack that targeted the handles of famous personalities including the CEO of SpaceX and Tesla Inc., Elon Musk, and former President of the US Barack Obama, to name a few. The other two suspects arrested by Californian authorities are Nima “Rolex” Fazeli of Orlando and Mason “Chaewon” Sheppard from Bognor Regis, U.K.

The alleged three ran a scheme under which they hijacked the twitter accounts of various public figures and posted tweets advertising a bitcoin scam from these high-profile accounts. In order to acquire access to internal support tools and these Twitter accounts, Clark compromised a Twitter employee and made use of his credentials. After gaining access to 130 accounts belonging to politicians and celebrities, he tweeted Bitcoin scam messages from 45 and accessed direct messages inbox of 36 of them and stopped with downloading the Twitter Data for a total of 7 accounts. Reportedly, the three cybercriminals involved made a profit worth $120,000 worth of bitcoins as a result of the scam.

Among the affected accounts were Amazon’s founder, Jeff Bezos, Microsoft’s CEO Bill Gates, Kim Kardashian West and Joe Biden.

According to operation led by the FBI in collaboration with the Secret Service and IRS, 17-year-old, Graham Clark is identified as the mastermind of the sophisticated incident; the teenager is just a high-school graduate who will be prosecuted by Hillsborough State authorities.

Bearing charges of conspiracy to commit wire fraud and money laundering, aiding the mastermind in orchestrating the attack, Sheppard is subjected to 45 years of imprisonment as the maximum penalty.

In a related video news conference, State Attorney, Warren said, "I want to congratulate our federal law enforcement partners, the US Attorney’s Office for the Northern District of California, the FBI, the IRS, the US Secret Service, and the Florida Department of Law enforcement. These partners worked extremely quickly to investigate and identify the perpetrators of this sophisticated and extensive fraud."

"This defendant lives here in Tampa, he committed the crimes here, and he’ll be prosecuted here,"

"The State Attorney's Office is handling this prosecution rather than federal prosecutors because Florida law allows for us greater flexibility to charge a minor as an adult in a financial fraud case like this." He added.

Meanwhile, in the regard, Twitter said "We appreciate the swift actions of law enforcement in this investigation and will continue to cooperate as the case progresses.

"For our part, we are focused on being transparent and providing updates regularly."

Twitter to remove accounts of cryptocurrency scammers

Twitter is cracking down on cryptocurrency scammers and is taking steps to reduce the number of such scams. This comes after a number of accounts impersonated Elon Musk, Vitalik Buterin, and John McAfee to dupe users into sending them small amounts of cryptocurrency.

The impersonators would deceive other Twitter users by using tactics such as misspellings in the username or using the same or similar avatar to fool users.

They would tell followers to send them small amounts of cryptocurrency and would promise in return to send a bigger amount back.

In February, Buterin tweeted to his followers that if they sent him 0.1ETH, “I will send you nothing because I am too lazy.” Scammers, in reply, took the opportunity to ask users to send them small amounts of ethereum.

In response to the scammers impersonating Buterin, he took to Twitter to negate the rumours:

A Twitter spokesperson said, "We're aware of this form of manipulation and are proactively implementing a number of signals to prevent these types of accounts from engaging with others in a deceptive manner."

Twitter Spammers abuse Google search

We reported few days ago about a new spam campaign that abuses open-redirect vulnerability in popular websites including CNN, Yahoo and

Today, Security researcher Janne Ahlberg discovered another spam campaign that abuses the google search to spread the scam websites.

"check google hxxx:// Pounds … and learn the right way to reduce 20 lbs in less than 29 days" One of the spam tweet reads.

"see google hxxx:// … and find out the best way to lose 22 lbs within just 29 days" another tweet reads.

"lol already lost 4 pounds in 5 days!! that web page I found at google hxxx:// … is truly beneficial"

Unlike the previous spam campaigns, cybercriminals lure victims to visit their site by tricking them to look at the Google search. The spammers cleverly used the "site:" keyword to restrict the results to the specified domain.

"site:" is keyword to search only in a particular site and list all the results for that site.  For eg: "spam" will find pages about spam within

So, when a victim follows the link, he is only going to see the results from the spammers website.  The technique helps cyber criminals to bypass the malicious URL filtering.

McDonald’s Gift Card Spam on Twitter redirects to adult dating site

TrendMicro have spotted a Twitter spam touting “gift cards” at the tail-end of the gift-giving season. These tweets has shortened URL with the strings "#mcdonalds gift card."

McDonald’s is a globally well-known fast food chain that, like many other establishments, do offer certificates and vouchers for patrons who would like to give these as gifts or rewards.

Unfortunately, This is not gift card from McDonald , it is one of Twitter Scam that lands you in Adult Dating site.

TrendMicro consider the URLs used in this attack as malicious because of the deceitful nature by which they are used. The lure “#mcdonald’s gift card” would have definitely led several users to believe that some gift certificates or vouchers are being given away or discounted.

A couple of weeks ago of weeks ago in the US, attention was drawn to a Mystery Santa who donated $500 worth of gift cards from McDonald’s to a nearby homeless shelter. Whether or not cybercriminals got a social engineering idea from this cannot be confirmed, but in all cases users are advised against clicking on links without first inspecting them. In this case, hovering on the link would have given users a clue about how to proceed.

Findout who Unfollowed you : a New Scam hits Twitter users

Twitter users hit by a New Scam that use traditional method. TrendMicro find and blocked this scam already.

The Scam tweet:
"32 ppl unfollowed me.want to find out who unfollowed you? Find out here"
This scam asks you to click the link in the tweet. If you click the link, it will bring you to the a page that claims as “Followers Monitor”. This page asks you to authorize application to use the Twitter. If you give access to twitter, the scammers start to spread the spam with your twitter account.

The choice of hashtags used by this attack was harvested from the trending topics seen overnight. Some were related to the Monday Night Football game which was airing (and trending) at the time this attack took place, while others were more random, as can be seen above.

Security Tips:
  • Never Click the link , if you got these type of tweets.
  • If you do inadvertently click links like this, you can undo some of the damage by removing the app’s authorization to access your Twitter account. This can be found under the Applications tab of your settings.

Hacked Sky News Twitter account claims Chairman James Murdoch arrested

The official Twitter account of Sky News hacked last night and spreading false tweet message, claiming that Chief Executive and Chairman James Murdoch had been arrested by police in London , according to NakedSecurity report.

The false message cleared but not before other Twitter users had shared it across the network. The @SkyNewsBiz account was later updated to deny the story, and claim that a hacker was most likely responsible.

James Murdoch, of course, has been appearing in the headlines rather than writing them - after being questioned about his company's knowledge of "phone hacking" by the News of the World. A tweet from Sky News - another Murdoch company - claiming that News International's embattled chief executive has been arrested would cause quite a stir.

NBC News Twitter Account Hacked and spreading fake News of 9/11 Ground Zero attack

Hackers named as "Script Kiddies" hacked the NBC News Twitter Account and posted messages claiming that there has been a terrorist attack at Ground Zero in New York.

The bogus messages claimed that Flight 4782 has been hijacked and another plane crashed into the site where the Twin Towers collapsed ten years ago.

NBCNews's Digital Officer Vivian Schiller tweeted confirming that their official account had been hacked, and asked followers not to retweet any of the offending messages.

In a subsequent message, Schiller confirmed that NBCNews was "working with Twitter to correct the problem and sincerely apologize for the scare that could have been caused by a such a reckless and irresponsible act."

The same group previously hijacked and defaced Pfizer's Facebook page and broke into the Fox News Politics Twitter account to post a bogus announcement about the death of Barack Obama.

It is unclear what method hackers used for breaching into this famous twitter account. Hacker group might used one of the following method:
  • Phishing
  • Dictionary Attack on password
  • Spyware
  • Less secure Password
  • Same password in multiple sites.
  • etc...
If you want to Know How to protect from the above attacks , please read our Security Tips Section.

Pictures of Osama Bin Laden Phishing attack on Twitter

Phishing attack is one of the powerful hacking method. It will trick users to enter username and passwords. Today Pictures of Osama Bin laden phishing hits twitter users.

They tweet contains:
Pictures of Osama Bin Laden [Link]

If the users follow the link, it will bring you to the fake Twitter Page(Phishing Webpage). Once you enter the username and passwords, your account will be compromised by Hackers.

If you notice the URL of page, it will be "". It is not twitter website.

If you think your account is hacked by hackers, Change the Password as soon as possible. If you use the same password for gmail and other accounts, change it also.

Security Tips:
Use Different passwords for social networks(twitter,facebook) and mail id(gmail,yahoo).

Twitter Stalkers app Phishing Webpage -Phishing Scam

Today twitter users hit by messages claiming about new stalker app(that will track the profile visitors). They will ask you to click the link to access the stalker app. Then they will ask you to enter twitter username and password in order to confirm. If you enter , yes you are one of the victim.

This is one of Twitter phishing webpage. If you look at the link, it is fake URL. So be careful these type of scams and Phishing webpage.

Want to protect from phishing webpage(identifying) ?
Here is the security tips for you provided by @BreakTheSec
Phishing Protection