- Hackers took over dozens of high-profile Twitter accounts Wednesday and used them to post messages urging people to send thousands of dollars in bitcoin.
- The scam began when several high-profile cryptocurrency Twitter accounts were compromised and posted malicious links.
- Dozens of high-profile verified accounts, including those of Barack Obama, Joe Biden, Bill Gates, Kim Kardashian West, and Elon Musk – which seemed to be compromised by hackers – posted tweets claiming they would double people’s contributions of $1,000 in bitcoin.
- The bitcoin account linked in the scam tweets appeared to have racked up over $100,000 within an hour of the tweets starting to be posted online, though scammers are known to transfer their own money into accounts to make them appear more legitimate.
- Twitter said it temporarily disabled features, including tweeting, from accounts as it investigated the hacks.
- Twitter said in a statement the company was aware of a “security incident” and “investigating” what happened.
- “We all feel terrible this happened,” CEO Jack Dorsey tweeted Wednesday evening.
- Later Wednesday evening, Twitter announced that it had detected “what we believe to be a coordinated attack by people who successfully targeted some of our employees with access to internal systems and tools.”
- Visit Business Insider’s homepage for more stories.
Dozens of high-profile Twitter accounts were apparently hacked Wednesday as part of a cryptocurrency scam. This included the accounts of the billionaires Bill Gates, Jeff Bezos, Elon Musk, Mike Bloomberg, and Warren Buffett, as well as numerous tech startups and cryptocurrency-related sites. The Twitter accounts of former President Barack Obama and Vice President Joe Biden were also compromised.
The affected accounts posted messages urging their followers to send $1,000 in bitcoin to a specific address, promising to double the contributions in return. The messages appear to employ a common scam tactic used to fleece people out of money by falsely promising to send a bigger sum in return for a payment.
Several of the scam tweets were deleted shortly after they were posted, only for similar tweets to come out of the accounts minutes later.
Later in the evening, the company said it had uncovered “what we believe to be a coordinated engineering attack by people who successfully targeted some of our employees with access to internal systems and tools.” Those with access to those tools, “ostensibly Twitter employees,” can reset email addresses associated with accounts, as TechCrunch reported.
“Our investigation continues and we hope to have more to share there soon,” a Twitter spokesperson told Business Insider.
As hacks persisted, Twitter appeared to temporarily disable verified accounts from tweeting shortly after 6:15 p.m. ET. Twitter said in a subsequent tweet that while it investigated the incident, it would “limit the ability to Tweet, reset your password, and some other account functionalities.”
You may be unable to Tweet or reset your password while we review and address this incident.
— Twitter Support (@TwitterSupport) July 15, 2020
“Tough day for us at Twitter. We all feel terrible this happened,” CEO Jack Dorsey tweeted about the incident Wednesday evening. “We’re diagnosing and will share everything we can when we have a more complete understanding of exactly what happened.”
The scam messages started to pop up shortly after malicious links were tweeted from Twitter accounts for several high-profile cryptocurrency companies, including KuCoin, Binance, and Gemini, the MalwareTech blog said. The website used in the links, titled CryptoForHealth, was pulled offline shortly after the tweets were posted.
A bunch of high profile cryptocurrency Twitter accounts have been hijacked to tweet bitcoin scams. Likely a 3rd party App compromise rather that Twitter itself. Wallet has received ~$6000. pic.twitter.com/D8MiXrz9ml
— MalwareTech (@MalwareTechBlog) July 15, 2020
Binance CEO Changpeng Zhao tried to warn his followers that the tweets were a scam shortly after they were posted, The Block first reported – but his account was apparently also compromised, and hackers quickly hid the warning.
Twitter accounts for CoinDesk and Gemini were also compromised. Both companies said on Twitter they had multifactor authentication enabled on their accounts, meaning hackers were able to bypass traditional login attempts, perhaps through an exploit in Twitter itself.
After hitting cryptocurrency-related companies and outlets, the hackers also accessed the accounts of billionaires and philanthropists, tech companies, music artists, and presidential hopefuls. Hackers also hit influential social-media figures including MrBeast, Kim Kardashian West, and the Twitter personality @TheTweetOfGod.
Bitcoin-transaction receipts appeared to show that the address listed in the scam tweets received almost 13 bitcoins – or about $118,000 – as of Wednesday evening, but it’s possible that some or all of the transactions were carried out by the scammers to make their account appear more legitimate.