- Justin Sun has gone on the war path, pledging his own money to help hunt down the Twitter hackers who caused bedlam on July 15.
- The accounts of multiple celebrities including Justin Sun were compromised in the attack.
TRON founder and BitTorrent CEO Justin Sun has gone on the war path, pledging his own money to help hunt down the Twitter hackers who caused bedlam on July 15. The accounts of multiple celebrities, as well as crypto exchanges, wallets, and blockchains, including Justin Sun and the TRON Foundation, were compromised in the attack, which is believed to have involved a Twitter employee whose device was hacked.
At the time of writing, Justin Sun’s account has been restored, but others, including that of the TRON Foundation, remain suspended. On July 15, when Twitter acted to stop all verified accounts from tweeting as it sought to contain the fallout, the BitTorrent account tweeted Sun’s declaration to “personally pay those who successfully track down, and provide evidence for bringing to justice, the hackers/people behind this hack affecting our community.”
Twitter Sheds Light on How the Hack Happened
Since Sun’s entreaty to track down the hackers, the world has gained further insight into how Kanye West, Bill Gates, Apple, Uber, Joe Biden and many more were targeted to tweet out a false bitcoin giveaway. In a thread detailing its latest findings, Twitter Support explained: “We detected what we believe to be a coordinated social engineering attack by people who successfully targeted some of our employees with access to internal systems and tools.”
Screenshots circulating on web forums, and shared in redacted form in Vice, appeared to show Twitter’s internal management tool for handling high-profile accounts. This sparked controversy, not only for showing that hackers had accessed Twitter’s innermost sanctum, but because it appeared to display an option to “shadowban” users – a practice that CEO Jack Dorsey told Congress the company does not engage in. Twitter shares are down 7% since the scandal broke.
Multi-Factor Authentication Bypassed by Audacious Hackers
The majority of the accounts on crypto Twitter that were compromised in the hack, including those of Binance, Coinbase, the TRON Foundation, and Justin Sun, had multi-factor authentication in place to prevent unauthorized access. However, 2FA was of no use in this case because Twitter’s internal account management tool allows employees to independently post messages on behalf of accounts. This capability was leveraged to spread word of the bitcoin giveaway scam to hundreds of millions of users.
The amount collected by the attack appears to have been relatively modest, at around $120,000 in BTC. It’s prompted the crypto community to speculate as to why the hacker didn’t use their hour of power to wreak greater havoc and scoop up greater profits. For example, tweeting out bullish or bearish news on bitcoin while holding a leveraged long or short would have been more believable and more profitable. New information as to how the hackers managed to commandeer the device of a Twitter employee should come to light in the days ahead. Meanwhile, Justin Sun’s bounty remains open to anyone who can provide information on their identity.