Google's official Twitter account hacked as Bitcoin ad scam re-emerges

Researchers say a large number of verified Twitter accounts have been hijacked and altered to post a fake Bitcoin giveaway scam.

Google's official Twitter account became the latest victim of the Bitcoin scam on Tuesday, as such hijackings become more common. Google's official account has more than 800,000 followers. As the size and scope of the Bitcoin scam has grown, and with criminals hijacking some high-profile verified ("big V") accounts, many have begun to call on Twitter to block it.

In this Google Twitter account scam, the fraudster first took over the Google Twitter account and then posted an ad about Bitcoin in an attempt to lure unsuspecting consumers into a "10,000 Bitcoin Giveaway". Before receiving the giveaway, of course, you only need to invest a small amount of money in exchange for the chance to win a "big prize".

The scam ad reportedly appeared on the account's homepage and feed for about 10 minutes. The ad also claimed that Google's G Suite had declared the cryptocurrency legal and that it could be used as a payment method.

Although the malicious message was quickly deleted, many people had already seen it. Andrew Maxey, a Cisco security researcher, tweeted:

It's the first time I've seen this scam - although it looks like it's just a promotional tweet, if you click on the user ID in a tweet, it jumps to a real G Suite Twitter account, leaving you unrecognizable for a moment.

The hack was ironic because Google said in June that it would take action to restrict advertising by cryptocurrency companies.

This is not the only such hacking incident: on Wednesday, Target's Twitter account, which has about 2 million followers, tweeted about a giveaway of 5,000 bitcoin (about $31 million), and the tweet stayed up for about half an hour.

Also this week, the fraudsters (it's unclear whether all of these actions were committed by the same person) broke into the official Twitter accounts of the French consulate in India, the IT consulting firm Capgemini, the German Consulate General in India, Senator Ben Allen of California and Israeli politician Rachel Azaria.

In early November, a number of verified accounts were hacked and the same ad was posted on Twitter. In that case, the fraudsters changed the accounts' profile names and photos to pose as Tesla CEO Elon Musk, and even posted replies to tweets from Musk's real account in order to gain the trust of users.

The scam was first discovered in July last year, when fraudsters broke into the official Twitter account of the now-discontinued Fox reality show Almost Human. They used the access to spread a similar giveaway link, changing the account's username to Justin Sun, founder and CEO of China's blockchain startup TRON.

Sophos Security points out:

This kind of fraud is not new, but is a variant of the 419-type fraud familiar from the previous generation, most often seen among e-mail users: fraudsters claim to be high-ranking officials who need money from overseas, demand that victims send them small sums of money in exchange for millions of dollars, and promise to repay them accordingly. But once the money is transferred, it evaporates.

The scam is also believed to have been targeted at Vitalik Buterin, the co-founder of Ethereum. Buterin then changed his Twitter username to "Vitalik. Never Give Up Ethereum's Buterin" and asked Twitter to block it.

As for Twitter's reaction, independent researcher Graham Cluley directly blamed Twitter in a tweet, saying it apparently had no control over the cryptocurrency scams. Twitter should secure accounts by enforcing two-step verification through a third-party app, such as Google Authenticator.

Twitter, for its part, has yet to give an official response.