Major US Twitter accounts hacked in Bitcoin scam

Apple hacked tweet
A hacked tweet from Apple's account

Billionaires Elon Musk, Jeff Bezos and Bill Gates are among many prominent US figures targeted by hackers on Twitter in an apparent Bitcoin scam.

The official accounts of Barack Obama, Joe Biden and Kanye West also requested donations in the cryptocurrency.

“Everyone is asking me to give back,” a tweet from Mr Gates’ account said. “You send $1,000, I send you back $2,000.”

“Tough day for us at Twitter. We all feel terrible this happened,” tweeted CEO Jack Dorsey late on Wednesday.

“We’re diagnosing and will share everything we can when we have a more complete understanding of exactly what happened,” said Mr Dorsey.

Earlier, Twitter took the extraordinary step of stopping many verified accounts marked with blue ticks from tweeting altogether.

There were reports that password reset requests were also being denied.

San Francisco-based Twitter later said most accounts would be able to tweet again, but the company was still “working on a fix”.

Dmitri Alperovitch, who co-founded cyber-security company CrowdStrike, told Reuters news agency: “This appears to be the worst hack of a major social media platform yet.”

On the official account of Mr Musk, the Tesla and SpaceX chief appeared to offer to double any Bitcoin payment sent to the address of his digital wallet “for the next 30 minutes”.

“I’m feeling generous because of Covid-19,” the tweet added, along with a Bitcoin link address.

The tweets were deleted just minutes after they were first posted.

A hacked tweet from Elon Musk's account
One of the hacked tweets from Elon Musk’s account
Presentational white space

But as such tweet from Musk’s account was removed, another one appeared, then a third.

As well as rapper Kanye West, his wife, reality TV star Kim Kardashian, former US President Obama, Mr Biden, who is the current Democratic presidential candidate, and media billionaire Mike Bloomberg, major companies Uber and Apple were targeted.

The Biden campaign said Twitter had “locked down the account within a few minutes of the breach and removed the related tweet”.

A spokesman for Bill Gates told AP news agency: “This appears to be part of a larger issue that Twitter is facing.”

Cameron Winklevoss, who was declared the world’s first Bitcoin billionaire in 2017 along with his twin brother Tyler, tweeted a message on Wednesday warning people not to participate in the “scam”.

Presentational white space

In the short time it was online, the link displayed in the tweets of targeted accounts received hundreds of contributions totalling more than $100,000 (£80,000), according to publicly available blockchain records.

The Twitter accounts targeted all have millions of followers.

Last year, Twitter chief executive Jack Dorsey’s account was hacked, but the company said it had fixed the flaw that left his account vulnerable.

The FBI’s San Francisco field office put out a statement on Wednesday about the latest cyber-breach.

“The accounts appear to have been compromised in order to perpetuate cryptocurrency fraud,” it said.

“We advise the public not to fall victim to this scam by sending cryptocurrency or money in relation to this incident.”

An unprecedented ‘smash and grab’

Analysis box by Joe Tidy, Cyber-security reporter

These “double your Bitcoin” scams have been a persistent pest on Twitter for years but this is unprecedented with the actual accounts of public figures hijacked and on a large scale.

The fact that so many different users have been compromised at the same time implies that this is a problem with Twitter’s platform itself.

Early suggestions are that someone has managed to get hold of some sort of administration privileges and bypassed the passwords of pretty much any account they want.

With so much power at their fingertips the attackers could have done a lot more damage with more sophisticated tweets that could have harmed an individual or organisation’s reputation.

But the motive seems to be clear – make as much money as quickly as they can. The hackers would have known that the tweets wouldn’t stay up for long so this was the equivalent of a “smash and grab” operation.

There are conflicting accounts of how much money the hackers have made and even when a figure is settled upon, it’s important to remember that cyber-criminals are known to add their own funds into their Bitcoin wallets to make the scam seem more legitimate.

Either way, it’s going to be very hard to catch the criminals by following the money. Law enforcement, as well as many angry users, will have some strong questions for Twitter about how this could have happened.

Source: bbc.co.uk

About World Justice News 4183 Articles
Brings you breaking crime news and other interesting crime stories from around the world.

Be the first to comment

Leave a Reply