Twitter feels 'terrible' for Bitcoin scam that targeted politicians and CEOs

Social network believes scam to be 'co-ordinated social-engineering attack' that targeted employees who had administrative access.

Twitter: those targeted include Biden, Gates and Obama
Twitter chief executive Jack Dorsey has apologised after the social network fell victim to a cyberattack in which several high-profile accounts – including the official accounts of politician Joe Biden and tech moguls Bill Gates and Jeff Bezos – were hacked in order to spread a cryptocurrency scam.

The hacked accounts posted a message telling users they were "giving back to the community", linking to the address of a Bitcoin wallet with the claim that they would send back double the amount of any payments made to the address.

Other accounts targeted by the scam include Apple, Elon Musk, Kim Kardashian West, Barack Obama, Wiz Khalifa, Warren Buffett, Wendy’s, Uber, CashApp and Mike Bloomberg. Cryptocurrency-focused accounts such as @bitcoin, @ripple, @coindesk, @coinbase and @binance were the first targets of the scam posts.

Dorsey posted in the early hours of today (Thursday) to tell users the platform feels "terrible".

The platform's support team has launched an investigation into the attack. Its early assumptions are that it is a "co-ordinated social-engineering attack" by people who successfully targeted some Twitter employees who had access to internal systems and tools. The hackers used this administrative access to take control of many highly visible (including verified) accounts and tweet on their behalf.

Since the hackers took control of the accounts, investigative journalist Brian Krebs has raised the question of whether the hackers could have viewed the direct messages of those politicians, chief executives and celebrities.

The affected accounts were locked down and scam tweets removed within hours of the attack. Twitter confirmed that it locked a slew of verified accounts from tweeting for a period of time – even those with no evidence of being compromised – while it investigated the issue.

"This was disruptive, but it was an important step to reduce risk," the @TwitterSupport account said. "Most functionality has been restored but we may take further actions and will update you if we do."

"Social listening" cryptocurrency platform LunarCrush said the scam led to the biggest-ever spike in conversation about cryptocurrency within a 24-hour time span, with more than 550,000 social posts about cryptocurrency across platforms including Twitter, Reddit, YouTube and Medium, 95% of which were related to Bitcoin.

The hack has had little to no effect so far on Bitcoin’s price, but Twitter is down in after-hours trading, LunarCrush said.

A version of this story first appeared on Campaign Asia-Pacific
