There’s been the most widespread and confounding hacks Twitter has ever seen which targeted major companies and individuals all in service of promoting a bitcoin scam that appears to be earning its creators quite a bit of money.
We don’t know how the hack happened or even to what extent Twitter’s own systems may have been compromised — but following the unprecedented hacks of accounts including President Barack Obama, Joe Biden, Elon Musk, Bill Gates, Kanye West, Michael Bloomberg, and Apple, Twitter has confirmed it took the drastic step of blocking new tweets from every verified user, compromised or no, as well as locking all compromised accounts.
Twitter says they wont be making accounts accessible for them until they are certain they can do so securely.
On Wednesday evening, the company revealed that its own internal employee tools were compromised and used in the hack, which may explain why even accounts that claimed to have two-factor authentication were still attempting to fool followers with the bitcoin scam.
The account takeovers appear to have subsided, but new scam tweets were posting to verified accounts on a regular basis starting shortly after 4PM ET and lasting more than two hours. Twitter acknowledged the situation after more than an hour of silence, writing on its support account at 5:45PM ET, “We are aware of a security incident impacting accounts on Twitter. We are investigating and taking steps to fix it. We will update everyone shortly.”
The chaos began when Tesla CEO Elon Musk’s Twitter account was seemingly compromised by a hacker intent on using it to run a bitcoin scam. Microsoft co-founder Bill Gates’ account was also seemingly accessed by the same scammer, who posted a similar message with an identical bitcoin wallet address. Both accounts continued to post new tweets promoting the scam almost as fast as they were deleted, and Musk’s account in particular was still be under the control of the hacker as late as 5:56PM ET.
Some people apparently fell for the scam and sent money to the associated BTC address, as records of the transactions are public due to the nature of the blockchain-based cryptocurrency. So far, the scammer have amassed nearly $120,000, although it seems as if the account owner is indeed sending money back out as the daily final balance has fluctuated up and down throughout the afternoon.