This story has been updated to include new information from Twitter.
Twitter has suffered a serious security breach in an incident that saw some of the social media giant’s most prominent users send fake tweets as part of a bitcoin scam.
Bill Gates, Elon Musk, Barack Obama, Jeff Bezos, Kanye West, as well as bitcoin exchanges and Apple, all tweeted that they were “giving back to [their] community” through bitcoin.
“All Bitcoin sent to my address below will be sent back doubled,” said a tweet posted from Kanye West’s account, which followed the same pattern as other hacked tweets.
The bitcoin address directed to by the fake tweets soon filled up with 12.8 bitcoins worth over $165,000.
Twitter accounts for cryptocurrency exchanges were also breached, with a number of well-known exchanges like Gemini and Coinbase saying they had “partnered with CryptoForHealth and are giving back 5000 BTC to the community”.
The tweet linked to a bogus CryptoForHealth website which was soon taken down.
Twitter has often been used by cryptocurrency scammers who reply to tweets from users with massive followings – like Elon Musk – directing users to send to an account as part of a giveaway.
A bunch of high profile cryptocurrency Twitter accounts have been hijacked to tweet bitcoin scams. Likely a 3rd party App compromise rather that Twitter itself. Wallet has received ~$6000. pic.twitter.com/D8MiXrz9ml— MalwareTech (@MalwareTechBlog) July 15, 2020
Twitter eventually took action, suspending activity from the verified accounts while it tried to gain back control of its own platform.
You may be unable to Tweet or reset your password while we review and address this incident.— Twitter Support (@TwitterSupport) July 15, 2020
Founders of Gemini – Cameron and Tyler Winklevoss – said the company used strong passwords and two-factor authentication on their corporate account.
Around four hours after the hacks, Twitter posted an update on their investigations into the incident.
"We detected what we We detected what we believe to be a coordinated social engineering attack by people who successfully targeted some of our employees with access to internal systems and tools," Twitter said.
"We know they used this access to take control of many highly-visible (including verified) accounts and Tweet on their behalf.
"We’re looking into what other malicious activity they may have conducted or information they may have accessed and will share more here as we have it."