Recently (May 2nd, 2018), the cryptosphere became aware of an apparent hack of Substratum’s Twitter account.
Here’s an image of the tweet that the hacker put out here:
The time that you see on that tweet is GMT-4; EST (New York), for reference.
This came to my attention via a message in my friend’s chat (very skilled trader).
Why Did You Put Hack in Quotes?
Because it’s relatively difficult, if not impossible to simply ‘hack’ Twitter.
We know that the Twitter servers were not hacked and to this date, we have no record of them ever being compromised.
So, in almost every single case where a Twitter account was compromised, it was via some sort of user error or a result of them being compromised.
Here are the scenarios that could lead to one having their Twitter account hacked:
- Simply divulging the password to the Twitter account.
- Having the password picked up by a keylogger or some other malicious 3rd-party app.
- Clicking on an e-mail with a malicious virus on it that captures your keyword that way.
- Being logged in on the computer/device that you use Twitter with and someone is able to gain access to said device.
- Getting hit with a really nasty virus that issues a DNS redirect, that sends you to a page that looks eerily similar to Twitter, but is vastly different. (Somewhat similar to the MEW Wallet hack, but different in ways we won’t get into in this article).
Basically, securing your Twitter account is not an unreasonable expectation in 2018 — Especially when we consider the fact that the owners/managers of said account are supposed to be ‘techies’ as we call them.
Something Else That Struck Me As Odd
Hacking someone’s Twitter account to post that a coin is going to be added to Coinbase is a rather weird and ironically, unorthodoxically mundane attack.
Certainly someone with the intelligence to ‘hack’ this Twitter account from underneath the nose of the development could have brainstormed dozens of ways to exploit the fact that they had access to the Twitter account beyond simply making up a lie that the coin was going to be placed on Coinbase.
If anything, this event seems like the perfect time for an attacker to actually executive one of those “Giving Away Free ETH!” things, because, unlike the scammers that have taken over Twitter in recent weeks — the alleged hacker wouldn’t have to create a quasi-clone account to deceive people. They had the REAL account.
Thus, the chances that people would believe that this was a scam would be substantially lower. Although, there is a possibility that this would only tip off the hacker’s hand even more. So, we’ll give Substratum a pass on this front.
Let’s look at how the price of Substratum was affected during this time, shall we?
There was a solid +20% gain after the tweet was made. Now, this isn’t astronomical by any mean — but the price had been consolidating for hours before this boom (I used the 5-minute chart above).
Is it out of the question to suggest that this was an inside job?
Absolutely not. In fact, barring any greater explanation to what occurred, it seems that this is actually plausible.
The quickness with which Substratum was able to regain access to their account is also fishy as well.
Perhaps it’s worth noting that Twitter offers 2FA, which, in the world of crypto, seems like would be a no-brainer decision.
Here’s a Basic Description of What Substratum is:
An open-source network that allows anyone to allocate their spare computing resources to make the internet a free and fair place for the entire world.