Twitter hack: Massive breach affects Bill Gates, Elon Musk, Obama, and others

On 15 July, Twitter experienced a massive hack that affected multiple major accounts and shared out a Bitcoin scam to millions of users.

The hack saw major accounts breached, sending out scam tweets multiple times. Accounts included Bill Gates, Apple, Elon Musk, Barack Obama, Kanye West, Uber, Mike Bloomberg, Joe Biden, Jeff Bezos, and more.

YouTuber Mr Beast’s account also tweeted out the scam. Considering that the YouTuber is famous for giving out free money, many saw this tweet as one of the most likely to fool followers.

While some tweets were deleted within minutes, others stayed up longer. As a result, the Bitcoin scammer saw large amounts of the cryptocurrency transferred to their account.

The scam promised to send users double the Bitcoin back. The tweet would also appear at the top of the hack user’s account, as a pinned tweet.

The account received just under 13 Bitcoin over the course of the evening, valued at over $117 000. When it had reached around $100 000, the Bitcoin address owner started draining the fund.

Later on, a slightly different Bitcoin address appeared in identical messages affecting smaller accounts.

Many users criticised Twitter’s lack of response as the widespread nature of the hack became apparent.

While many accounts had deleted the tweets, more appeared on other major accounts. Elon Musk and Bill Gates were among the first accounts affected.

However, by the time the hack had gained widespread attention and reporting, more verified accounts were affected.

Barack Obama, Joe Biden, and Jeff Bezos’ accounts tweeted out the scam some time after.

The Bitcoin wallet had already begun draining its $100 000 by the time Twitter sent out a response on their official account.

We are aware of a security incident impacting accounts on Twitter. We are investigating and taking steps to fix it. We will update everyone shortly.

— Twitter Support (@TwitterSupport) July 15, 2020

What caused the Twitter hack?

Twitter is investigating the incident. At the time of writing, the company said that it appears that the breach resulted from a coordinated social engineering attack.

The social engineering attack targeted Twitter employees. This resulted in hackers gaining access to internal systems and tools.

Hackers could then take control of highly visible and verified accounts to post tweets.

We know they used this access to take control of many highly-visible (including verified) accounts and Tweet on their behalf. We’re looking into what other malicious activity they may have conducted or information they may have accessed and will share more here as we have it.

— Twitter Support (@TwitterSupport) July 16, 2020

While Twitter continues to investigate the extent of the breach, the company has locked down all affected accounts. Twitter has also limited functionality for all verified accounts.

We have locked accounts that were compromised and will restore access to the original account owner only when we are certain we can do so securely.

— Twitter Support (@TwitterSupport) July 16, 2020

Feature image: Memeburn