A number of high-profile Twitter accounts were simultaneously hacked by attackers who used the accounts — some with millions of followers — to spread a cryptocurrency scam.
Apple, Elon Musk and Joe Biden were among the accounts compromised in a broadly targeted hack that remained mysterious hours after taking place. Those accounts and many others posted a message promoting the address of a bitcoin wallet with the claim that the amount of any payments made to the address would be doubled and sent back — a known cryptocurrency scam technique.
In the hours following the initial scam posts, Kim Kardashian West, Jeff Bezos, Bill Gates, Barack Obama, Wiz Khalifa, Warren Buffett, YouTuber MrBeast, Wendy’s, Uber, CashApp and Mike Bloomberg also posted the cryptocurrency scam.
While we’re still learning more specifics about how the hack went down, we can report that the hacker leveraged an internal Twitter admin tool to gain access to the high-profile accounts. That reporting was soon confirmed by Twitter’s own account of what happened. On Wednesday evening, the company tweeted that “a coordinated social engineering attack” on employees gave a hacker “access to internal systems and tools.”
Twitter first acknowledged the situation at 2:45 p.m. PT Wednesday, referring to it as a “security incident.”
Some Democratic political figures were also hacked as part of the cryptocurrency scam, including Barack Obama, Joe Biden and Mike Bloomberg. An official from the Biden campaign told TechCrunch that Twitter locked down the former vice president’s account “immediately” after it was compromised and the campaign remains in close contact with Twitter on the issue. At the time of writing, no accounts belonging to Republican politicians appear to have been hacked.
It’s not immediately known how the account hacks took place. Security researchers, however, found that the attackers had fully taken over the victims’ accounts and also changed the email addresses associated with them to make it harder for the real users to regain access.
A Twitter spokesperson, when reached, said the company was “looking into” the matter but didn’t immediately comment.