Bitcoin scammers targeted the Twitter accounts of Elon Musk, Bill Gates, Kanye West, Barack Obama and other famous tech executives, artists and politicians on Wednesday. appears to be a large-scale hack. Apple, Uber, and other companies were also caught in the expanding hack, which Twitter later attributed to a social engineering attack on its employees.
Twitter accounts with millions of followers appeared to have been compromised, raising concerns about whether the company is doing enough to protect the safety of its users. While cryptocurrency scams are not a new problem for Twitter, the size of Wednesday’s attack is unusual.
“I feel generous for Covid-19,” reads a tweet now removed from Musk’s account. “I will duplicate any BTC payments sent to my BTC address within the next hour. Good luck and stay safe out there!”
Similar tweets were sent through the Twitter account belonging to Gates, the billionaire philanthropist and Microsoft co-founder. “I double all payments sent to my BTC address over the next 30 minutes. You send $ 1,000, I return $ 2,000,” said the tweet, which was removed.
Scam tweets would disappear periodically, only to reappear minutes later.
A Gates spokesman confirmed that the tweet was not sent by the billionaire.
“We can confirm that this tweet was not sent by Bill Gates. This appears to be part of a larger problem facing Twitter. Twitter is aware and is working to restore the account,” the spokesperson said in a statement.
The Obama account tweeted a similar message shared by Musk and Gates. In a tweet sent to his 120 million followers, the Obama account tweeted that he was returning due to the new coronavirus and would double all bitcoins sent to his address in the next 30 minutes.
It was not immediately clear how the hack was carried out or how many accounts were affected, although Twitter provided an update on Wednesday night indicating that while its investigation into the hack was ongoing, it had determined that it was the result of a ” coordinated social engineering attack. ”
“We detected what we believe to be a coordinated social engineering attack by people who successfully attacked some of our employees with access to internal tools and systems,” Twitter said in a tweet. (For tips on how to protect your Twitter account, see this CNET history.)
But during the first two hours of the attack, Twitter still had no control over the incident. In a tweet, the company said some users may not be able to tweet or reset their password while reviewing and addressing the issue. Twitter also started removing tweets from screenshots showing internal tools which were possibly used in the attack.
Twitter CEO Jack Dorsey tweeted Wednesday night that it was “a difficult day for us on Twitter” and promised to share the company’s findings when he completed his diagnosis of the attack.
Some users who tried to tweet received an error message, this seemed to apply only to users verified with “blue checks”.
“It appears that this request could be automated. To protect our users from spam and other malicious activities, we cannot complete this action now. Please try again later,” the message said. Twitter did not respond to questions about whether only verified accounts were unable to tweet.
Twitter has now removed this restriction. Users with verified accounts can now tweet again, but Twitter Support stated that the functionality can “come and go.”
“We are working to get things back to normal as quickly as possible,” the tweet said.
Scam tweets end with a link where unsuspecting readers can send Bitcoin. As of Wednesday afternoon, a timely verification of the BTC address of the tweets shows a total received of 12,30776555 BTC, approximately $ 113,572.
Wednesday’s trick isn’t the first time Twitter accounts have been compromised by scammers. In 2018, hackers took control of Google’s verified Target and G-Suite Twitter accounts. Twitter said hackers in that attack exploited a third-party marketing service, not its own system. Twitter later banned crypto ads, but that hasn’t stopped scammers from coming back to the platform.
Even Dorsey it has not been immune to piracy. In 2019, Dorsey’s account was compromised, and hackers tweeted sexist, racist, and anti-Semitic comments. Twitter said there was a security issue with Dorsey’s mobile phone provider that allowed hackers to compose and send tweets from their account via text message. In a tactic known as SIM swapping, a hacker bribes an employee of a mobile phone provider to change the numbers linked to the SIM card. This allows them to avoid security measures such as two-factor authentication.
Politicians urged others on Wednesday not to fall for the Bitcoin scam and some contacted Dorsey for answers. Senator Josh Hawley, a Republican from Missouri, asked Dorsey in a letter to answer questions such as whether the attack threatened the security of President Donald Trump’s account and its impact on the security of other users.
“I am concerned that this event may represent not just a coordinated set of separate piracy incidents, but rather a successful attack on Twitter’s security,” he said in the letter. “A successful attack on your system’s servers poses a threat to the privacy and data security of all its users.”
Musk and Gates were not the only high-profile accounts that appear to have been compromised. Fraudulent tweets were seen in the feeds of fast food chain Wendy’s, Democratic presidential candidate Joe Biden, philanthropist Warren Buffett, musician Wiz Khalifa, Amazon CEO Jeff Bezos, and celebrity Kim Kardashian. Scammers also appear to have targeted athletes, such as former professional boxer Floyd Mayweather and even a popular God Parody account, alongside cryptocurrency businesses.
“ALL MAIN TWITTER CRYPTO ACCOUNTS HAVE BEEN COMMITTED,” tweeted Cameron Winklevoss, co-founder of the Gemini cryptocurrency exchange. “We are investigating and hope to have more information soon.”
“WARNING: @ Gemini’s Twitter account, along with other crypto Twitter accounts, has been hacked,” added Tyler Winklevoss, echoing the concern of his twin brother and co-founder of Gemini. “This has resulted in @Gemini, @coinbase, @binance and @CoinDesk tweeting about a fraudulent association with CryptoForHealth. DO NOT CLICK ON THE LINK! These tweets are scams.”
Tesla did not immediately respond to a request for comment. In the US, #Hacked was trending alongside Bitcoin and #twitterhacked.