By
Godfrey Benjamin
March 15th, 2024
More than 37,000 PwC Venezuela Twitter followers were able to see the Tweets on the hacked page for quite long, about 8 hours.
The official Twitter account of PricewaterhouseCoopers (PwC) Venezuela, the subsidiary of one of the four largest professional services firms in the world, was hacked. Starting at 2:13 AM UTC on Sunday, it started posting tweets with links to a website claiming to represent the Ripple Labs company and promising to give away XRP coins.
Attack on PwC Venezuela Twitter Account
The attackers had posted 14 tweets before the account owner became aware of the scam. More than 37,000 PwC Venezuela Twitter followers were able to see the Tweets on the hacked page for quite a long, about 8 hours. Usually, these kinds of attacks ask users to follow the link, and then users are expected to deposit some amount of cryptocurrency in order to receive more in return. As a result of this malicious strategy, investors lose their funds.
Earlier this month, Twitter announced testing a new feature that would allow users to edit tweets for a limited time after posting them. The opinions on the initiative differ. Some supported the idea itself, while others raised concerns that this would encourage malicious behavior similar to the one PwC Venezuela’s account suffered.
In August, Twitter reported a data breach of 5.4 million accounts, with their phone numbers and email addresses stolen due to the zero-day vulnerability on the platform. At that time, the company said that no passwords were compromised and continued to encourage users to enable two-factor authentication (2FA) for their accounts, either in the form of authentication apps or hardware keys.
Hackers’ Activity Explosion
Cyberattacks have become a frequent phenomenon lately.
Recently, BlueBenx, Brazilian all-in-one blockchain banking platform for cryptocurrency users, reported a hack that drained $32 million. As a result, the platform blocked all of its 22,000 users from withdrawing their funds. Besides, the company also fired all of its employees on the same day. Notably, earlier this year, the Brazilian Securities and Values Commission investigated BlueBenx due to allegedly offering unregistered securities in its investment portfolio.
Another hack targeted General Bytes Bitcoin (BTC) ATMs using their ‘zero day’ vulnerability to steal the crypto deposited by users. As we have reported, the hackers identified a security vulnerability in the interface of the remote Crypto Application Server (CAS) that controls General Bytes ATMs. Next, they modified the settings, creating a new default admin user. Further, the “invalid payment address” settings made the users forward funds to the attacker’s wallet when sending cryptocurrency to an ATM.
The number of cyberattacks has rapidly increased. Only this year so fas, as much as $1.9 billion worth of cryptocurrency was stolen in hacks of various services, which is 60% more in comparison to last year. Notably, most of them are targeting DeFi projects.