Coinbase Paused More Than $280,000 In Bitcoin Transactions During Catastrophic Security Breach In Twitter
A number of high-profile Twitter accounts were simultaneously hacked on Wednesday, July 15, 2020, by attackers to tricked at least 1,100 people into sending bitcoin to an unknown hacker.
According to Coinbase, a popular cryptocurrency exchange in which people buy and trade digital currency, the company prevented about 1,100 people from sending $280,000 worth of bitcoin to fraudulent accounts.
Billionaires Elon Musk, Jeff Bezos and Bill Gates are among many prominent US figures targeted by hackers on Twitter in an apparent Bitcoin scam. The official accounts of Barack Obama, Joe Biden and Kanye West also requested donations in the cryptocurrency.
According to Forbes, Coinbase and other cryptocurrency exchanges were able to stop some customers from sending bitcoin to the hackers by blacklisting the hackers’ wallet address. Specifically, Coinbase says it prevented just over 1,000 customers from sending around $280,000 worth of bitcoin during last Wednesday’s attack. Roughly 14 Coinbase users sent around $3,000 worth of bitcoin to the scam’s bitcoin address before the company moved to blacklist it, the company said.
“We noticed the scam and began blocking transactions within a couple of minutes of the initial wave of scam posts,” a Coinbase spokesperson told The Verge on Monday.
Twitter accounts belonging to cryptocurrency exchanges including Binance and Gemini were also targeted during Wednesday’s attack. Coinbase’s chief information officer told Forbes on Sunday that it learned of the scam shortly after tweets were posted from fellow exchanges’ accounts.
As of Monday, Twitter is still investigating Wednesday’s attack. On Friday, the company put out a blog post confirming that 130 accounts were targeted and the hackers were able to initiative a password reset, log in to the account, and send tweets for 45 of those accounts. Twitter also said that the hackers were able to download account data belonging to eight unverified users.