Maybe It Wasn’t About the Money - Few People Fell for Twitter Hack, Data Indicates

While the crypto wallets associated with the scam registered over 400 transactions, the attackers seem to have made away with a relatively small haul.

AccessTimeIconJul 16, 2020 at 7:46 p.m. UTC
Updated Sep 14, 2021 at 9:32 a.m. UTC
10 Years of Decentralizing the Future
May 29-31, 2024 - Austin, TexasThe biggest and most established global hub for everything crypto, blockchain and Web3.Register Now

Even though Wednesday’s Twitter hack grabbed the world’s attention by taking over a host of prominent accounts including those belonging to Elon Musk, Uber, Apple and Barack Obama, transaction data for crypto wallets associated with the attacks shows the hackers didn’t make out like bandits. It raises the question: Why not?

With the attacks, millions of people saw the same scam-type message shared on their feeds, soliciting bitcoin with the promise it would be doubled and sent to a group called “Crypto for Health.”

Crypto-analytics firm Chainalysis told CoinDesk that it had identified and was monitoring four crypto wallets associated with the attack, three of which received bitcoin and one was for XRP but hadn’t received anything by press time. 

  • The most prominent bitcoin address registered 372 incoming bitcoin transactions, and nine withdrawals from the wallet had been made by press time, according to data reviewed by CoinDesk. 
  • The secondary BTC addresses registered a total of 100 transactions and received about $6,700 in bitcoin, Chainalysis said. While over 400 transactions were registered on the wallets in total, the attacks appear to have yielded a relatively marginal amount of $123,200.
  • According to Chainalysis, part of the scam relied on the hackers moving their own crypto between the wallets to create the impression that many people were participating in the offer. While 156 wallets appear to have given away more than a $1, it’s difficult to parse which one of the transactions could belong to the hackers.
  • Some people were clearly duped, however, with 17 wallets having given away more than $1000, including a Japanese wallet that gave $40,000 away, to a Twitter scam that rivaled in sophistication to an email solicitation from a “Nigerian prince.”
  • So considering the hackers had access to the Twitter accounts of some of the most influential business people in the world, the lack of sophistication of the bitcoin solicitation may indicate the perpetrators had other goals besides money.
  • For instance, the profit from yesterday’s massive attack contrasts sharply with the more than $240,000 yielded in 2000 from a hack on just one mid-sized tech company. 
  • In that instance, a former employee of a press release distribution company accessed that company’s system to issue a false release on behalf of Emulex Corp., a networking firm, the shares of which he was short. That release, which purported to disclose financial irregularities at Emulex, cost shareholders about $110 million after the fake news disclosure initially wiped out more than $2 billion off Emulex’s market cap.
  • So clearly the effects of Wednesday’s hacks could have been significantly worse, perhaps even catastrophic.
  • It’s possible yesterday’s attack was more about the vanity of the hackers rather than any serious attempt to get rich. Or perhaps Michael Caine was right when talking about Heath Ledger’s character in The Dark Knight; maybe some people do just want to watch the world burn.


Please note that our privacy policy, terms of use, cookies, and do not sell my personal information has been updated.

CoinDesk is an award-winning media outlet that covers the cryptocurrency industry. Its journalists abide by a strict set of editorial policies. In November 2023, CoinDesk was acquired by the Bullish group, owner of Bullish, a regulated, digital assets exchange. The Bullish group is majority-owned by; both companies have interests in a variety of blockchain and digital asset businesses and significant holdings of digital assets, including bitcoin. CoinDesk operates as an independent subsidiary with an editorial committee to protect journalistic independence. CoinDesk employees, including journalists, may receive options in the Bullish group as part of their compensation.

Learn more about Consensus 2024, CoinDesk's longest-running and most influential event that brings together all sides of crypto, blockchain and Web3. Head to to register and buy your pass now.