Twitter has been under constant attack from a large number of spambots publicizing bitcoin giveaways. The modus operandi of these bots is to hijack verified accounts of celebrities or renowned brands and ask their followers to send a small amount of bitcoin or any other cryptocurrency, with hollow promises of much bigger bonuses in return.
Of late, many of these bots have infiltrated Twitter and despite efforts to keep the platform clean, several accounts including that of Indian B2B e-commerce portal IndiaMART as well as India’s National Disaster Management Authority (NDMA) have been compromised. Other victims of the scam include UK-based clothing line Farah, and the Australian branch of tech consulting firm Capgemini, as well as Tesla CEO Elon Musk whose identity is being used to drive a lot of these scams.
One of the recent victims of this scam was the official handle of Google’s G Suite. The account has 822,000 followers, which is a big pool filled with small and big fish. Multiple users reported the hack, and while the tweet disappeared minutes after it surfaced, it was enough to grab the attention of the Twitterati.
Restored now, but wow, @gsuite. This is happening frequently enough that Twitter really needs to make a statement on *how* it’s happening IMHO. What advice are they giving people on how to avoid this? https://t.co/Cx96mIKnWj
— Troy Hunt (@troyhunt) November 13, 2018
While the exact duration for which the tweet was live isn’t clear, the time stamp on the screenshot shared by user @UdaanTappu shows that the tweet was still visible at least 19 minutes after being posted.
What's up Twitter?? pic.twitter.com/Buc82WVoXy
— UdaanTappu™ (@UdaanTappu) November 13, 2018
Neither Google nor the G Suite team has issued an official statement, so it looks like the company is avoiding talking about the incident because it does not want negative publicity.
An alarming facet of the story is that the obtrusive tweet seems to have been promoted by Twitter, which means that while Twitter has been talking about taking strict action, these scammers are easily operating under the noses of its advert moderators.
The 1st version of my "Crypto Scam Hunter" is working. Every 4h, the bot will publish a message like this one for the hacked verified accounts who are promoting crypto scam. Stay tuned! https://t.co/wnJ2XQ2VXN
— Elliot Alderson (@fs0c131y) November 13, 2018
Notably, a French white-hat hacker who goes by the name Elliot Alderson created a bot to automatically point out such offensive and rogue spam tweets, and it seems to be doing a better job than Twitter’s large team of facilitators.