In a nutshell: The hackers involved in the massive bitcoin scam on Twitter last week made off with about $120,000 worth of bitcoin. It could have been much worse according to popular crypto exchange, Coinbase.
Last week, a number of high-profile Twitter accounts including Bill Gates, Elon Musk, Barack Obama, and Joe Biden were hijacked by Bitcoin scammers. Cryptocurrency exchange, Coinbase, says it prevented over 1,100 people from sending Bitcoin to the scammers.
Coinbase chief information security officer (CISO), Philip Martin, told Forbes that had the 1,100 users completed their transactions, the total would have amounted to 30.4 bitcoin or about $280,000. Only 14 Coinbase users successfully sent bitcoin to the scammers before Coinbase blacklisted the bitcoin address. Competing crypto exchanges Gemini, Kraken, and Binance also prevented subsequent transactions to the scammers.
"The Twitter hack was a more widespread event, but scams of this nature are not new," said Kraken CEO Jesse Powell. "Kraken proactively monitors for this type of activity and blocks certain addresses that we come across. Like any other scam, we proactively blocked the addresses from the Twitter hack earlier this week."
Even so, that didn't stop $120,000 worth of bitcoin from being transferred to hacker's bitcoin address. Of the total amount, about $3,000 came via Coinbase. Due to the decentralized nature of cryptocurrency, it can be difficult to track and recover the funds.
According to The Block, some of the bitcoin has been sent to various exchanges and mixers like Wasabi Wallet. Mixers combine crypto funds with others to obscure the original source of the funds. Other crypto platforms such as BitPay have confirmed that the hackers' bitcoin addresses were active in their respective platforms.
"BitPay confirms a purchase occurred at one of its merchants in the amount of $25 in May 2020 from one of the Twitter hacker’s addresses," a BitPay spokesperson told The Block. "As part of BitPay’s standard process and procedure, available details are being shared with appropriate parties including law enforcement."
It's unknown if the bitcoin will ever be tracked down. This puts Twitter in quite a predicament considering many of the hacked accounts used recommended security measures like complicated passwords and two-factor authentication.