this is as this is all going on with
microsoft
many twitter accounts were compromised
today
being that we're shooting on a wednesday
is this was today the single largest
account compromisation on on twitter in
a day
i don't really i don't know the stats on
that job i don't recall any other day
like this where
where twitter blew up
so the question becomes which staff
member at twitter
got canned and they left their account
open because here's the thing
today so we're shooting on wednesday yes
the 15th you said of july 15th i've lost
all track
i've given up on time and in this
one day apple
their twitter account elon musk
bloomberg what
cash app yep jeff bezos maybe you've
heard of them
i think is that is that the guy that
runs that big company
ah yeah i can't remember amazon amazon
oh yeah
wow right heard of them bill gates
he says what bill gates
uber tron justin sun
bitcoin bitcoin got hacked
oh ah that one hurts
not bitcoin but bitcoin's twitter
account coinbase
coinbase and the list goes on and on
and then gets into political figures
such as joe biden
and are you ready for this barack obama
ah obama got it gotta act
so yes some of you may be noticing a
trend however
here's the thing the the particular hack
posted on all of these accounts pretty
much
simultaneously like within minutes of
one another really
a pretty traditional cryptocurrency
um scam so basically so elon musk's
twitter account said
sen i'm feeling generous so for the next
30 minutes
send me 1 000 worth of bitcoin
and i will send you back 2 000
worth of bitcoin bill gates's twitter
account
tweeted send me one thousand dollars
worth of bitcoin and i will tweet you
and i will send you back one uh two
thousand
dollars worth of bitcoin but here's the
thing jeff
bitcoins twitter said
yes send me one thousand dollars worth
of bitcoin and i will send you two
thousand dollars of bitcoin
so do you see
how we need to
think about things before we
automatically trust
them well i was this was my thing like
if i saw that my first
thought would be this isn't legit
yes however elon we know banks
cryptocurrency
yes bitcoin we know has access to
insurmountable amount of bitcoin
so why why not and then there are others
who are saying
oh click this link we're going to uh
contribute to
um medical science through bitcoin and
so on and so forth
so there this was a massive attack yeah
a
massive attack we don't currently at
least as as of the time that we're
shooting this
know who is responsible or or
some would say why the question becomes
why
well clearly they want bitcoin but would
anyone fall for jeff
would anyone well unfortunately yes the
interesting thing about bitcoin is you
can
not track the transactions however you
see that the transactions occurred
that's right and so when bill gates
worth of bitcoin and i will send you two
thousand dollars worth of bitcoin back
in the first five minutes oh no
50 000
worth of bitcoin were sent
to that bitcoin address in five minutes
very difficult math here ten thousand
dollars per minute
and you're not getting it back like you
can't recover that
you can't recover it it can't be traced
you can't even prove it
because bitcoin is secure it's part of
the cryptocurrency
blockchain oh that just hurts to hear
yeah so let's have a moment of silence
for those who fell for this scam
but this really
was a really quick moment of silence
yeah let's have a look
let's move on let's move on you're a
bunch of idiots
you fell for it again you fool oh god
we've told you we've warned you none of
our viewers fell for it jeff
i you know what if you did please
comment and let us know
and and why i sure hope not why
would you click that why
oh dear this oh you know what can you
just
indulge me can we get a double face palm
i can't help but smile jeff i gotta look
serious but
i can't help but smirk oh and that was
just bill gates again what about the
other accounts do we have stats on that
yet or
uh there are stats i mean you can look
at the bitcoin addresses that they
posted
now last i checked twitter was
privy to the fact that this was
occurring right and they said they were
investigating and in fact they were
locking down
the ability for some accounts to tweet
okay so they're on top of it probably by
the time this goes live
we're gonna know more but at the point
of
where we are right now sitting in our
studio recording
it's happening in real time right now
so here's the question that is running
through my head
is this a security breach on twitter
or is this a security breach on the
devices that
run those twitter accounts because the
fact that they were all
fairly simultaneous within minutes of
one another
makes me wonder was it an
uh an attack in in the twitter
infrastructure is that
why i joke what staff member at twitter
got fired
yeah right but if it wasn't then it
becomes a matter of
well the dark web well yeah but what's
out there that's for sale all of these
accounts
at the same time it means that either
there was a a a
some sort of smart entity that was
logged into all of these at the same
time and went okay go
uh or was it a you know your typical
email thing you click the link and
suddenly you're infected was it
something like that where it just kind
of did all these
yeah is there connection verified folks
fell for
fishing scams spear phishing scams
are on the rise right now and the fact
is that during covet 19 i mean hey
you might be work from home but so are
the hackers
is there the possibility again this is
just kind of
starting to think outside the box but
could there be a relation to
uh like a an unrelated service where
there's some sort of uh
phishing program that's collecting
information where all of them are using
it um
like i know we covered in the news
couple weeks ago about discord that
there's bots on the rise
uh or could it be like i'm just trying
to think of some because i mean a lot of
those
are tech based we can speculate jeff we
don't know
at least at the time of filming yeah we
yeah there's absolutely a possibility of
like i think spearfishing is a very real
possibility
um somebody compromising phones and
who knows what would 2fa fix this i
don't know but here's what our crypto
correspondent robert koenig says
post this privately to us yes and this
may be what you're
what's kind of triggering this thought
process for you
he posted this in our staff channel on
our discord and says
i haven't read it yet well here here you
go jeff
because this is going to be deja vu when
you go home later and you read this okay
fair enough
robert koenig is our crypto
correspondent from the newsroom and he
says
uh from from uh the crypto corner
says those scams are really clever
okay absolutely they even know how to
place
ads on youtube what
and that's true and scary because
yeah i've seen it where some malicious
ads trick people into clicking
and providing their details wow
um okay so here's the thing that robert
stresses he says
on github on youtube twitter
two-factor authentication or
multi-factor authentication
is an absolute must
these days okay however
he warns do not rely on your cell phone
because as in like the number or the
device the phone number
so sms as 2fa
oh don't rely on your sms as 2fa because
your phone number can be hacked
quite easily oh yes a sim swap can occur
quite easily yep
and that's some food for thought because
if you're relying on your phone's
phone number that can be hacked that can
be
obtained and used by someone else so for
anybody who's watching
that's going i i've just lost a thousand
dollars in bitcoin
i'm sorry for your loss uh
you said that so straight face that was
good
uh if they're going okay so i don't want
to use my cell phone
number for two-factor authentication
what other options
are available for them for 2fa the
google authenticator app i mean there's
other authenticator apps there are
tokens that you can purchase okay you
can get them off amazon i mean you can
get
uh physical hardware keys that have a
token
that do look for things like single-use
passwords and
and it's easy enough i mean google
authenticator works pretty well
um and and you just don't want to uh you
don't want to lose your phone
because that causes a problem yes if you
lose your
you can use your phone as the
authentication device but robert
is very specific in his phrasing when he
says don't use your phone number
right as the 2fa right and that
absolutely makes sense
absolutely google authenticator on the
other hand and i say that because
that's a very common one there are other
authenticator apps
or single use password one-time password
otp apps available but
they generate a password and they
refresh every 15 seconds or something
like that
so it it makes sure that that one-time
password is only available for 15
seconds yeah so if you don't have your
phone you're not getting in
yeah and you really do need multi-factor
authentication on
every service these days period oh
absolutely period
yep yep and it really does it's not the
perfect solution it's not you don't be
complacent
but realize that if you don't have 2fa
you are in a very risky situation
these days i was a part of a
kingston tweet up tweet up i guess they
call it
the other day about encryption 2fa those
kinds of things and one of my comments
was
like if you had a device that had a
bunch of data on it you left it on your
car seat and someone stole it
would one would you lose any of the data
and two would they gain access to that
data
and the answer to both of those
questions should be no correct
and that encryption should be
authentication enabled you should have
2fa
in order to be able to access the data
so even if they figure out the
decryption
they don't have your phone they don't
have your authenticator app
right so they can't gain access to that
that's very very important these days
folks i can't stress
you