The 2020 Twitter Bitcoin Scam

When the world's most famous accounts were hijacked by a teenager.

130 Accounts Hacked. $118,000 Stolen in Hours.

Elon Musk @elonmusk
I am giving back to the community. All Bitcoin sent to the address below will be sent back doubled! If you send $1,000, I will send back $2,000. Doing this for 30 minutes.

🎯 The Targets

Barack Obama, Joe Biden, Bill Gates, Jeff Bezos, Apple, and Uber. The attackers aimed for maximum trust and visibility.

🕵️ The Mastermind

Not a nation-state, but a 17-year-old from Florida named Graham Ivan Clark, using "Vishing" (Voice Phishing).

The 24-Hour Timeline

Phase 1: July 14, 2020

Social Engineering

Hackers call Twitter employees posing as "IT Help Desk" (Vishing). They trick employees into logging into a fake VPN portal, stealing credentials and MFA codes.

Phase 2: July 15 (Morning)

The "OG" Market

With access to internal "God Mode" tools, hackers first steal "OG" usernames (short names like @6, @dark) to sell them on underground forums.

Phase 3: July 15 (Afternoon)

The Bitcoin Scam

They switch tactics to mass fraud. Accounts like Elon Musk and Apple start tweeting the "Double Your Money" crypto scam. Money flows in instantly.

Aftermath: July 31, 2020

The Arrests

Twitter locks down the platform. The FBI tracks the Bitcoin trail. 17-year-old Graham Clark is arrested in Florida and later sentenced to 3 years.

Technical Breakdown

1. Vishing (Voice Phishing)

No high-tech coding exploit was used. Attackers simply used the phone. They convinced employees they were co-workers to bypass security.

2. Internal Admin Tools

Twitter had "God Mode" tools that allowed employees to reset emails and disable 2FA for any user. Over 1,000 employees had access to these tools. Too many!

3. Lack of Hardware MFA

Twitter used app/SMS-based 2FA for employees, which can be phished. Had they used Physical Security Keys (YubiKeys), the hackers could not have logged in.
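The difference between a typed code and a security key, as an added example that is not part of the original page: a one-time code verifies the same wherever the employee typed it, while a key's response includes the site origin recorded by the browser, so the server can reject a login started on a look-alike portal. Assumptions: the origins, secrets, challenge and timestamp are constructed, the model is a simplified version of origin binding, and an HMAC stands in for the asymmetric signature a real key produces.

```python
import hashlib, hmac, json, struct

PORTAL_ORIGIN = "https://vpn.example.com"  # constructed: the genuine login origin

def totp(secret: bytes, at: float, step: int = 30, digits: int = 6) -> str:
    """RFC 6238 TOTP (HMAC-SHA1), the scheme authenticator apps implement."""
    mac = hmac.new(secret, struct.pack(">Q", int(at // step)), hashlib.sha1).digest()
    off = mac[-1] & 0x0F
    code = struct.unpack(">I", mac[off:off + 4])[0] & 0x7FFFFFFF
    return str(code % 10 ** digits).zfill(digits)

def server_verify_totp(secret: bytes, submitted: str, at: float) -> bool:
    # The server sees only six digits: nothing records which page they were typed into.
    return hmac.compare_digest(totp(secret, at), submitted)

def _sign(key: bytes, client_data: str) -> str:
    # Stand-in (assumption): a real key signs with a per-site asymmetric private key.
    return hmac.new(key, client_data.encode(), hashlib.sha256).hexdigest()

def key_respond(key: bytes, challenge: str, browser_origin: str):
    """The browser, not the user, writes the origin it is actually on into the signed data."""
    client_data = json.dumps({"challenge": challenge, "origin": browser_origin}, sort_keys=True)
    return client_data, _sign(key, client_data)

def server_verify_key(key: bytes, challenge: str, client_data: str, sig: str) -> bool:
    if not hmac.compare_digest(_sign(key, client_data), sig):
        return False
    data = json.loads(client_data)
    return data["challenge"] == challenge and data["origin"] == PORTAL_ORIGIN

def compare(now: float = 1_594_684_800.0) -> dict:
    secret, key = b"constructed-totp-seed", b"constructed-key-secret"
    chal = "constructed-challenge-01"
    code = totp(secret, now)
    return {
        "totp_typed_on_portal": server_verify_totp(secret, code, now),
        "totp_typed_on_lookalike": server_verify_totp(secret, code, now + 5),
        "key_used_on_portal": server_verify_key(key, chal, *key_respond(key, chal, PORTAL_ORIGIN)),
        "key_used_on_lookalike": server_verify_key(
            key, chal, *key_respond(key, chal, "https://vpn-example.com")),
    }

if __name__ == "__main__":
    for case, accepted in compare().items():
        print(f"{case:26} accepted={accepted}")
```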

Consumer Defense: How to Spot a Scam

You can't stop Twitter from being hacked, but you can stop yourself from falling for the tweet.

🛑 1. The "Too Good To Be True" Rule

No legitimate billionaire gives away money for free. If someone asks you to send $1,000 to get $2,000 back, it is 100% a scam. Every time.

🐦 2. Don't Trust "Verified" Blindly

The Blue Checkmark usually means identity is confirmed, but as this hack showed, the account itself can be stolen. Always verify huge news on other news sites (BBC, CNN) before acting.

💸 3. Crypto is Irreversible

Unlike a credit card, you cannot call the "Bitcoin Manager" to reverse a transaction. Once you send crypto to a scammer, it is gone forever. Be hyper-cautious.

🔐 4. Lock Your Own Doors

Hackers target normal people too. Enable two-factor authentication (2FA) on all your social accounts. Use an authenticator app, not SMS (which can be SIM-swapped).
