On Wednesday afternoon, Twitter users en masse saw a whirlwind of scam tweets from famous accounts, urging followers to send money by clicking suspicious bitcoin links.
The list of compromised accounts reads like a who’s who plucked from the headlines, with former President Obama, Kim Kardashian, Kanye West, Wiz Khalifa, Bill Gates, Elon Musk, Joe Biden, Mike Bloomberg, Jeff Bezos, Apple and Uber, among others, being targeted.
The malicious exploit looks like a massive, coordinate attack linked to Wednesday’s hack of cryptocurrency firms, such as Coinbase and Binance. Now Twitter is scrambling to figure out what happened. In a tweet sent Wednesday afternoon, the tech company pledged to look into the “security incident.”
As of this writing, the attack is ongoing.
The strange tweets, first spotted coming from the accounts of Elon Musk and Bill Gates, urge followers to send $1,000 in Bitcoin to a supplied link, with promises to pay back twice the amount of the “contribution.”
As of early Wednesday evening, the malicious actors — or “black hats,” in tech parlance — appear to have collected up a dozen Bitcoins worth more than $100,000.
Various verified accounts were unable to tweet Wednesday afternoon through the evening, as Twitter looked into the issue. But at this point, the company announced that it has unfrozen most of them.
This is not the first time Twitter accounts have been breached. In 2013, its systems were hacked, giving black hats access to usernames and encrypted passwords covering some 250,000 users. And in 2018, Target was hacked in another Bitcoin scam that went out to the retailer’s nearly 2 million Twitter followers. Others, from the Bears to Burger King and Jeep, have been attacked.
In some cases, incidents involved hacks of third-party platforms that manage social accounts, or unauthorized access due to human behavior.
Even the founder of Twitter is not immune.
Last year, Jack Dorsey’s account was hijacked, thanks to a “SIM swap” attack. This type of exploit usually involves an employee from a cellular carrier changing the number tied to a smartphone’s SIM card to another phone. In that case, texted security codes then re-route to other people, giving them access.
It’s not clear what type of hack was used here, but it’s a sure bet that Twitter engineers are racing to find out.