In one of the most prominent security breaches on a social media site, the accounts of high-profile individuals like Elon Musk, Jeff Bezos, Bill Gates, and Barack Obama were hacked on Twitter. It’s suspected to be part of a larger bitcoin scam.
Other big names targeted in the scam include Kanye West, presidential hopeful Joe Biden, and the corporate accounts of Uber and Apple. The hacked accounts posted similar tweets, instructing people to send bitcoins to a specific address with the promise of returning double the amount.
AT A GLANCE
- Twitter accounts of high-profile individuals compromised
- Suspected to be part of a Bitcoin scam
- Users may be unable to tweet or reset passwords while incident is being reviewed
“I am giving back to the community. All Bitcoin sent to the address below will be doubled! If you send $1,000, I will send back $2,000. Only doing this for 30 minutes,” read a now-deleted tweet from Joe Biden’s account.
The breach could have wide-ranging implications for high-profile individuals like politicians and celebrities who use Twitter as an important social media platform for communication. It remains unclear how much information was accessed by the hackers.
Twitter immediately took down the tweets and restored control of the affected accounts.
“”We are aware of a security incident impacting accounts on Twitter. We are investigating and taking steps to fix it. We will update everyone shortly,” Twitter Support said in a tweet.
As part of their security settings since the hack, some users may now be unable to tweet or reset passwords while the incident is being reviewed. Verified users may not be able to tweet as well.
The security researchers found that the attackers had fully taken over the victims’ accounts, and also changed the email address associated with the account to make it harder for the real user to regain access.
Twitter later said they detected what they believed to be “a coordinated social engineering attack” by people who successfully targeted some Twitter employees with access to internal systems.
“We know they used this access to take control of many highly-visible (including verified) accounts and Tweet on their behalf. We’re looking into what other malicious activity they may have conducted or information they may have accessed and will share more here as we have it,” they explained.