Twitter hack: Musk, Obama, Bill Gates, Jeff Bezos, others compromised
Microblogging platform Twitter has been hit by a massive hack by cryptocurrency scammers. The attackers took over several high-profile accounts, including those of Elon Musk, Bill Gates, and Jeff Bezos, in the last few hours, and used them to trick unsuspecting users into sending cryptocurrency. Twitter says it has locked the compromised accounts and is investigating the incident. Here's what went down.
Hack targeting business magnates, celebrities, politicians, companies
A few hours ago, many verified high-profile accounts began tweeting about "giving back to the community" through Bitcoin. Tweets from the accounts of Elon Musk, Jeff Bezos, Barack Obama, Joe Biden, Bill Gates, and Apple went out, with slightly varying iterations of a message that asked the public to send a certain amount (mostly $1,000) and promised to double it in return.
All messages had the same bitcoin address
The messages from the high-profile accounts, which have extra security measures and are less likely to be hacked, puzzled Twitter users. But it soon became evident that this was a coordinated fraud attempt by cryptocurrency scammers who had taken over the accounts. The accounts tweeted varying messages, but the Bitcoin address shared was the same in most cases.
Other accounts which were compromised
Along with the aforementioned accounts, the scammers also managed to take over the accounts of Uber, hip-hop mogul Kanye West, former New York City mayor and billionaire Mike Bloomberg, CoinDesk, Binance, Ripple, Gemini, and other figures to promote crypto scams.
Twitter immediately locked affected accounts, began investigation
As the attack surfaced, Twitter sprang into action, confirming the incident and saying that it was working on a fix. "We are aware of a security incident impacting accounts on Twitter. We are investigating and taking steps to fix it," the company said, adding that the affected accounts have been locked for now and the tweets posted by the attackers have also been removed.
Early detection suggests Twitter employees were conned
While the investigation is still ongoing, Twitter's early detection found that some of its employees were targeted by scammers in a coordinated "social engineering attack." As a result, they were tricked into giving away access to Twitter's internal systems and tools, which allowed the scammers to take over several high-profile company and individual accounts and promote scams through them.
Affected accounts still remain locked
When Twitter locked the affected accounts to investigate, it also disabled functions such as resetting passwords and tweeting for all verified accounts, including those not affected, to prevent further hacks. It has since restored those functions, but the compromised accounts remain locked, with the company saying it "will restore access to the original account owner only when we are certain we can do so securely."
Internal access also limited
Beyond that, the company has also said it has limited access to its internal systems for further security. "Internally, we've taken significant steps to limit access to internal systems and tools while our investigation is ongoing," the company said. "More updates to come as our investigation continues." Meanwhile, Jack Dorsey, the CEO of the company, tweeted that it was a "tough day" for them.