- Hackers took over dozens of high-profile
Twitter accounts Wednesday and used them to post messages urging people to send thousands of dollars inbitcoin . - The scam began when several high-profile
cryptocurrency Twitter accounts were compromised and posted malicious links. - Dozens of high-profile verified accounts, including those of Barack Obama, Joe Biden, Bill Gates, Kim Kardashian West, and Elon Musk — which seemed to be compromised by hackers — posted tweets claiming they would double people's contributions of $1,000 in bitcoin.
- The bitcoin account linked in the scam tweets appeared to have racked up over $100,000 within an hour of the tweets starting to be posted online, though scammers are known to transfer their own money into accounts to make them appear more legitimate.
- Twitter said it temporarily disabled features, including tweeting, from accounts as it investigated the hacks.
- $4 the company was aware of a "security incident" and "investigating" what happened.
- "We all feel terrible this happened," CEO $4 Wednesday evening.
- Later Wednesday evening, Twitter $4 it had detected "what we believe to be a coordinated attack by people who successfully targeted some of our employees with access to internal systems and tools."
Dozens of high-profile Twitter accounts were apparently hacked Wednesday as part of a cryptocurrency scam. This included the accounts of the billionaires Bill Gates, Jeff Bezos, Elon Musk, Mike Bloomberg, and Warren Buffett, as well as numerous
The affected accounts posted messages urging their followers to send $1,000 in bitcoin to a specific address, promising to double the contributions in return. The messages appear to employ a common scam tactic used to fleece people out of money by falsely promising to send a bigger sum in return for a payment.
Several of the scam tweets were deleted shortly after they were posted, only for similar tweets to come out of the accounts minutes later.
Later in the evening, $4 it had uncovered "what we believe to be a coordinated engineering attack by people who successfully targeted some of our employees with access to internal systems and tools." Those with access to those tools, "ostensibly Twitter employees," can reset email addresses associated with accounts, $4.
"Our investigation continues and we hope to have more to share there soon," a Twitter spokesperson told Business Insider.
As hacks persisted, Twitter appeared to temporarily disable verified accounts from tweeting shortly after 6:15 p.m. ET. Twitter $4 that while it investigated the incident, it would "limit the ability to Tweet, reset your password, and some other account functionalities."
—Twitter Support (@TwitterSupport) $4
"Tough day for us at Twitter. We all feel terrible this happened," $4 about the incident Wednesday evening. "We're diagnosing and will share everything we can when we have a more complete understanding of exactly what happened."
The scam messages started to pop up shortly after malicious links were tweeted from Twitter accounts for several high-profile cryptocurrency companies, including KuCoin, Binance, and Gemini, $4 said. The website used in the links, titled CryptoForHealth, was pulled offline shortly after the tweets were posted.
—MalwareTech (@MalwareTechBlog) $4
Binance CEO Changpeng Zhao tried to warn his followers that the tweets were a scam shortly after they were posted, $4 first reported — but his account was apparently also compromised, and hackers quickly hid the warning.
Twitter accounts for $4 and $4 were also compromised. Both companies said on Twitter they had multifactor authentication enabled on their accounts, meaning hackers were able to bypass traditional login attempts, perhaps through an exploit in Twitter itself.
After hitting cryptocurrency-related companies and outlets, the hackers also accessed the accounts of billionaires and philanthropists, tech companies, music artists, and presidential hopefuls. Hackers also hit influential social-media figures including MrBeast, Kim Kardashian West, and the Twitter personality @TheTweetOfGod.
Bitcoin-transaction receipts $4 that the address listed in the scam tweets received almost 13 bitcoins — or about $118,000 — as of Wednesday evening, but it's possible that some or all of the transactions were carried out by the scammers to make their account appear more legitimate.