Hackers promoting crypto scams took over a number of high-profile Twitter accounts Wednesday, including those of Bill Gates, Kanye West and Elon Musk, who has been a frequent target of would-be crypto scammers. Joe Biden’s account was also briefly taken over, as was Barack Obama’s. Accounts belonging to Apple, Uber, Jeff Bezos and a number of other celebrities and public figures were also hit.
The source of the attack wasn’t immediately clear, but the hackers targeted a wide range of influential accounts with the scam, which aimed to trick users into sending Bitcoin to the hackers.
The attacks appeared to be coordinated, with similar messages shared on multiple accounts. Musk’s account later referenced tweets from Gates. “Me and my brother Bill Gates are returning the favor today! Stay safe out there!”
In a statement, Twitter said it was “aware of a security incident impacting accounts on Twitter,” and said the company was “taking steps to fix it.”
You may be unable to Tweet or reset your password while we review and address this incident.
— Twitter Support (@TwitterSupport) July 15, 2020
Twitter later seemed to temporarily block the ability for its verified users to send any tweets at all. “You may be unable to Tweet or reset your password while we review and address this incident,” the company tweeted.
Also targeted: accounts belonging to CoinDesk, Binance, Ripple, Gemini, and other figures well known in the cryptocurrency world, though messages shared there were slightly different. A tweet posted to the account of Ripple promised “2,000 Ripple to random addresses that send over 1,000 Ripple to our Covid-19 Fund.” Other messages on targeted accounts, including Coinbase and Gemini, promoted a fictitious giveaway for “CryptoForHealth.”
Many of the messages were removed soon after being posted, with executives of affected companies tweeting out warnings not to fall for the scams.
It’s unclear how the hackers gained access to so many accounts simultaneously, especially high-profile accounts that have extra security measures in place. CoinDesk reports that many of the affected accounts, including its own, were using two-factor authentication.
Twitter didn’t immediately respond to a request for comment on the hacks. A spokesperson for Gates said the hack “appears to be part of a larger issue Twitter is facing,” in a statement reported by Recode reporter Teddy Schleifer. A Biden spokesperson told Adweek that “Twitter locked down the account immediately following the breach and removed the related tweet.”
The fact that hackers were able to compromise so many Twitter accounts, including Obama’s and Biden’s, raises serious questions about Twitter’s security and its ability to protect its highest-profile users.
Tough day for us at Twitter. We all feel terrible this happened.
We’re diagnosing and will share everything we can when we have a more complete understanding of exactly what happened.
💙 to our teammates working hard to make this right.
— jack (@jack) July 16, 2020
Missouri Senator Josh Hawley sent a letter to Twitter CEO Jack Dorsey asking for more information about the hacks, including how many accounts were affected and how the hacks occurred. “I am concerned that this event may represent not merely a coordinated set of separate hacking incidents, but rather a successful attack on the security of Twitter itself,” he wrote. “A successful attack on your system’s servers represents a threat to all of your users’ privacy and data security.”
Dorsey later tweeted that it was a “tough day for us at Twitter,” and said the company would provide more information in the future. “We feel terrible this happened,” Dorsey wrote, several hours after the first hacks occurred. “We’re diagnosing and will share everything we can when we have a more complete understanding of exactly what happened.”
Update 7/15 9:30pm ET: Updated to include comments from Senator Josh Hawley and Jack Dorsey.
Update 7/15 11:16pm ET: In an update, Twitter said the attacks happened as a result of a “social engineering attack” targeting its employees.