Hackers promoting crypto scams took over a number of high-profile Twitter accounts Wednesday, including those of Bill Gates, Kanye West and Elon Musk, who has been a frequent target of would-be crypto scammers. Joe Biden’s account was also briefly taken over, as was Barack Obama’s. Accounts belonging to Apple, Uber, Jeff Bezos and a number of other celebrities and public figures were also hit.
The source of the attack wasn’t immediately clear, but the hackers targeted a wide range of influential accounts with the scam, which aimed to trick users into sending Bitcoin to the hackers.
The attacks appeared to be coordinated, with similar messages shared on multiple accounts. Musk’s account later referenced tweets from Gates: “Me and my brother Bill Gates are returning the favor today! Stay safe out there!”
In a statement, Twitter said it was “aware of a security incident impacting accounts on Twitter,” and said the company was “taking steps to fix it.”
You may be unable to Tweet or reset your password while we review and address this incident.
— Twitter Support (@TwitterSupport) July 15, 2020
Twitter later seemed to temporarily block the ability for its verified users to send any tweets at all. “You may be unable to Tweet or reset your password while we review and address this incident,” the company tweeted.
Also targeted: accounts belonging to CoinDesk, Binance, Ripple, Gemini, and other figures well-known in the cryptocurrency world, though messages shared there were slightly different. A tweet posted to the account of Ripple promised “2,000 Ripple to random addresses that send over 1,000 Ripple to our Covid-19 Fund.” Other messages on targeted accounts, including Coinbase and Gemini, promoted a fictitious giveaway for “CryptoForHealth.”
Many of the messages were removed soon after being posted, with executives of affected companies tweeting out warnings not to fall for the scams.
It’s unclear how the hackers gained access to so many accounts simultaneously, especially high-profile accounts that have extra security measures in place. CoinDesk reports that many of the affected accounts, including its own, were using two-factor authentication.
ALL MAJOR CRYPTO TWITTER ACCOUNTS HAVE BEEN COMPROMISED.
2FA / strong password was used for @Gemini account. We are investigating and hope to have more information shortly. https://t.co/X3C0uJzc6C
— Cameron Winklevoss (@winklevoss) July 15, 2020
Twitter didn’t immediately respond to a request for comment on the hacks. A spokesperson for Gates said the hack “appears to be part of a larger issue Twitter is facing,” in a statement reported by Recode reporter Teddy Schleifer. A Biden spokesperson told Adweek that “Twitter locked down the account immediately following the breach and removed the related tweet.”
The fact that hackers were able to compromise so many Twitter accounts, including Obama’s and Biden’s, raises serious questions about Twitter’s security and its ability to protect its highest-profile users.