Social network Gab says it briefly took itself offline to fix a bitcoin spam problem affecting ‘fewer than 20’ of its accounts

gab qanon quote tweet
A Gab logo.

Social network Gab on Friday said it took itself offline "out of an abundance of caution" to fix a bitcoin spam issue. 

The company said it discovered and fixed a "security vulnerability" in its codebase. 

"At 6:09pm EST Gab became aware of several accounts that were posting bitcoin wallet spam and related content," the company said in a blog post signed by Andrew Torba, chief executive. 

About 16 minutes after it discovered the spam, Gab took itself offline, according to the blog post. Fox News, The New York Post, and other publications covered the outage on Friday.  

"Because of our quick action zero bitcoin was sent to any of the addresses posted and the affected accounts have been secured," Gab said. 

Gab is the latest among its social media peers to be attacked by bitcoin spammers. Last July, Twitter hackers took over dozens of high-profile accounts - including those of former President Barack Obama and Tesla CEO Elon Musk - and posted bitcoin scam links. When Apple's Twitter account posted its first public tweet, it was a bitcoin scam. Hackers may have made off with about $120,000 in bitcoin in that attack.

On Friday, fewer than 20 Gab accounts were affected by a bitcoin spam issue, the company said in its blog post.

Gab didn't say which accounts were affected, but Newsweek reported that some Twitter users posted images showing Gab accounts from notable right-wing media outlets. In screenshots posted on Twitter, people were asked to donate funds to a strange URL.

"We have no indication that any sensitive account information was breached or accessed by any unauthorized users," Gab said. 

The company said it planned a "full audit of our logs and infrastructure." All active user sessions were ended, so every user needed to log in again.

"As Gab scales, our top priority is keeping your information secure. We will immediately be expanding our security and infrastructure team and launching a bug bounty program," the blog post added.  


Read the original article on Business Insider

Comments are closed.