Application security, Threat Management, Incident Response, TDR, Threat Management

Google, U.S. and Israeli politician Twitter accounts hijacked to promote ‘Elon Musk’ Bitcoin scam

After compromising the Twitter accounts of Target along with several other high profile and verified accounts and impersonating Elon Musk all to promote Bitcoin giveaway scams, cybercriminals have now set their sights on Google.

Just two days earlier, scammers were briefly able to get ahold of the Target Twitter page for about a half hour when they used the big-box retailer’s account to promote “the biggest crypto-giveaway in the world!” promising to give away nearly 5,000 Bitcoin if the victim’s first send along payments of the cryptocurrency.

Later that day, in similar fashion scammers posted a message in a promoted tweet claiming that users can now make payments in Gsuite using cryptocurrency and prompting users to verify their Payment addresses by sending between .1 and 2 BTC ($540-$5,406) to “verify your address.” The tweet was reportedly live for around 10 minutes before it was taken down.

Similar attacks were carried out on the accounts of the Indian Consulate in Frankfurt, IT consultancy Capgemini, the Consulate General of India in Germany, California state senator Ben Allen and Israeli politician Rachel Azaria, with some of the compromised accounts used to pose as Elon Musk in the comments sections of the scam to seemingly endorse the phony tweets.

It is still unclear how threat actors were able to carry out such a wide spread attacks which compromised several high profile accounts in the short period of time. 

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.