Hackers!

Twitter Hackers Caught Using Bitpay and Coinbase in Wallets Related to Hacking

The Twitter Hacker who has hacked many celebrity accounts shows transactions to BitPay and Coinbase.

Hackers seem to be consolidating their funds to an address that has previously sent money to BitPay and Coinbase.

According to research from Whitestream, a blockchain analytics company, three transactions originating from the address "1Ai5" lead to wallets associated with Coinbase and BitPay, both of which provide merchant solutions. The relic address is the first one offered by hackers, who then switches to the Bech32 address when targeting non-crypto accounts.

However, the original address is now the point of consolidation of all the results obtained through the attack. He received 14.75 Bitcoin (BTC), worth about $ 135,000.

Three transactions are believed to lead to Coinbase and Bitpay. The first involved a transfer of around 1.2 BTC in May 2020, valued at around $ 11,000 at the time. The last two were sent two days before hacking and for a much smaller amount.

Specifically, the last transaction is much more sophisticated because the change address is always of a different type from other inputs. This makes it more difficult to track, although it is possible that the hacker was only in the process of switching to a Bech32 address.

Twitter said that this problem was caused by social engineering attacks carried out on high-level employees with admin access. Through the admin panel, hackers take control of the account by changing passwords and restoring their emails.

This is similar to a BlockFi data breach in May, where criminals use a SIM swap attack to gain access to internal customer records.