Massive Twitter hack hits Barack Obama, Elon Musk and more as verified accounts frozen
Joe Biden, Kanye West, Apple, Uber fall victim too
Are you rich and famous? Do greedy young men admire you?
Then you might not have been able to tweet for about two and a half hours today (July 15), because Twitter temporarily disabled the ability of all verified accounts to post anything.
The security measure was taken because earlier today, Twitter accounts belonging to dozens of high-profile individuals and companies were hijacked to lure gullible followers into Bitcoin scams.
The hijacked accounts apparently included those of Bill Gates, Jeff Bezos, Elon Musk, Kanye West, Joe Biden, Floyd Mayweather, Mike Bloomberg, Barack Obama, Warren Buffett, XXXTentacion, Israeli Prime Minister Benjamin Netanyahu, Wiz Khalifa, Apple and Uber.
Shortly after 6 p.m. Eastern time, Twitter temporarily disabled the ability of verified accounts -- those with a blue check mark -- to send out any new tweets. The verified accounts regained tweet-power at about 8:35 p.m. Eastern.
"You may be unable to Tweet or reset your password while we review and address this incident," the Twitter Support account said.
Even our own Philip Michaels, whose status as a Very Important Californian entitles him to a Twitter verification check mark, found himself unable to communicate with the outside world en masse. He could still send direct messages or retweet other people's tweets.
Twitter's drastic move might have been because the hijacked accounts kept spreading a few hours after they began, with West's wife Kim Kardashian West falling victim just after 6 p.m. Eastern.
Interestingly, the Bitcoin address posted on Kardashian's tweet was different from the address on most of the other tweets.
"We are giving back to our community," read the message posted earlier on the Apple account. "We support Bitcoin and we believe you should too! All Bitcoin sent to our address below will be sent back to you doubled!"
The tweet then posted a Bitcoin address, followed by the words, "Only going on for the next 30 minutes."
Messages posted on other accounts varied, but all included the same Bitcoin address, which had received nearly 13 bitcoin as of this writing, or about $119,000 in U.S. dollars -- all of it today. (It had also sent out more than 7 bitcoin.)
"I have decided to give back to my community," the Bezos tweet said before it, like the others, was taken down. "All Bitcoin send to my address below will be doubled. I am only doing a maximum of $50,000,000."
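The pattern described above, many accounts pushing the same "send coins, get double back" pitch with one shared payout address, is exactly what a monitoring team would cluster on. The Python below is an added illustration, not code from the original article or from Twitter: it extracts candidate legacy Bitcoin addresses from tweets, verifies each one's Base58Check checksum so mangled strings don't pollute the grouping, and groups scam-like tweets by address. The tweets, account names and addresses are constructed for the demo; the addresses are derived from made-up hash values and are not the ones the attackers used.

```python
import hashlib
import re
from collections import defaultdict

# Base58 alphabet used by legacy Bitcoin addresses (no 0, O, I, l).
B58_ALPHABET = "123456789ABCDEFGHJKLMNPQRSTUVWXYZabcdefghijkmnopqrstuvwxyz"


def b58encode(raw: bytes) -> str:
    """Encode bytes as Base58; each leading zero byte becomes a leading '1'."""
    n = int.from_bytes(raw, "big")
    digits = []
    while n:
        n, rem = divmod(n, 58)
        digits.append(B58_ALPHABET[rem])
    leading_zeros = len(raw) - len(raw.lstrip(b"\x00"))
    return "1" * leading_zeros + "".join(reversed(digits))


def b58decode(text: str) -> bytes:
    """Inverse of b58encode; raises ValueError on characters outside the alphabet."""
    n = 0
    for ch in text:
        n = n * 58 + B58_ALPHABET.index(ch)
    body = n.to_bytes((n.bit_length() + 7) // 8, "big") if n else b""
    leading_ones = len(text) - len(text.lstrip("1"))
    return b"\x00" * leading_ones + body


def checksum(payload: bytes) -> bytes:
    """Base58Check checksum: first four bytes of double SHA-256."""
    return hashlib.sha256(hashlib.sha256(payload).digest()).digest()[:4]


def p2pkh_address(hash160: bytes) -> str:
    """Build a mainnet pay-to-pubkey-hash address (version byte 0x00) from a 20-byte hash."""
    if len(hash160) != 20:
        raise ValueError("hash160 must be 20 bytes")
    payload = b"\x00" + hash160
    return b58encode(payload + checksum(payload))


def is_valid_legacy_address(addr: str) -> bool:
    """True for a well-formed mainnet P2PKH (1...) or P2SH (3...) address with a correct checksum."""
    try:
        raw = b58decode(addr)
    except ValueError:
        return False
    if len(raw) != 25 or raw[0] not in (0x00, 0x05):
        return False
    return checksum(raw[:21]) == raw[21:]


# Candidate legacy addresses: start with 1 or 3, 26-35 Base58 characters in total.
ADDRESS_RE = re.compile(r"\b[13][1-9A-HJ-NP-Za-km-z]{25,34}\b")

# Phrases characteristic of the "send us coins, get double back" pitch.
SCAM_PHRASES = ("giving back", "give back", "doubled", "will be sent back", "double")


def scam_indicators(text: str) -> list:
    """Return the scam phrases present in a tweet (empty list if none)."""
    low = text.lower()
    return [p for p in SCAM_PHRASES if p in low]


def find_campaigns(tweets: list) -> dict:
    """Group scam-like tweets by the valid Bitcoin address they carry.

    tweets: list of {"account": str, "text": str}.
    Returns {address: [accounts...]}; one address shared across many
    accounts is the signature of a coordinated hijacking campaign.
    """
    campaigns = defaultdict(list)
    for tweet in tweets:
        if not scam_indicators(tweet["text"]):
            continue
        for addr in ADDRESS_RE.findall(tweet["text"]):
            if is_valid_legacy_address(addr):
                campaigns[addr].append(tweet["account"])
    return dict(campaigns)


# Constructed sample data (assumption for the demo): two scam addresses derived
# from made-up hash160 values, not the addresses used in the real attack.
SCAM_ADDR_MAIN = p2pkh_address(bytes(range(1, 21)))
SCAM_ADDR_ALT = p2pkh_address(bytes(range(21, 41)))

SAMPLE_TWEETS = [
    {"account": "Apple", "text": f"We are giving back to our community. All Bitcoin sent to {SCAM_ADDR_MAIN} will be sent back to you doubled! Only going on for the next 30 minutes."},
    {"account": "Jeff Bezos", "text": f"I have decided to give back to my community. All Bitcoin sent to {SCAM_ADDR_MAIN} will be doubled."},
    {"account": "Kim Kardashian West", "text": f"Giving back! Send BTC to {SCAM_ADDR_ALT} and get it back doubled."},
    {"account": "Some Analyst", "text": "Bitcoin is up 3% today; the doubling of hash rate since 2019 is remarkable."},
    {"account": "Some Charity", "text": f"Donations welcome at {SCAM_ADDR_ALT}. Thank you!"},
]

if __name__ == "__main__":
    for addr, accounts in find_campaigns(SAMPLE_TWEETS).items():
        print(f"{addr}: {len(accounts)} account(s) -> {accounts}")
```

Run as a script, it reports the main address as carried by two accounts and the alternate address by one, which mirrors the split the article notes between the Kardashian tweet and the rest; the charity tweet is left out because it carries an address but none of the scam phrasing. Checksum validation matters because a regex alone will happily match any 26-35 character Base58-looking token.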
This isn't the first time Elon Musk's name has been used in a Bitcoin scam. Last month, a security firm found that scammers had been creating custom Bitcoin addresses that incorporated Musk's name.
The cryptocurrency news site CoinDesk reported that the account hijackings began with about a dozen cryptocurrency-related accounts all tweeting out the same thing: "We have partnered with CryptoForHealth and are giving back 5000 BTC to the community. See more here: cryptoforhealth.com".
There is no website at that address. About an hour later, the hijacking of high-profile individuals and companies began with the messages you've seen above.
It's not clear how the scammers got into so many high-profile Twitter accounts at once. It's unlikely that each could have been individually compromised, although accounts of public figures are often shared among several staffers on the account holder's payroll.
As the Verge put it, these incidents suggest "that someone has either found a severe security loophole in Twitter's login process or has gained access to a Twitter employee's admin privileges."
The latter scenario got support from numerous Twitter users who claimed to have seen login credentials to a Twitter administrative interface bouncing around hacker forums earlier today, although Tom's Guide couldn't verify any of those claims.
UPDATE: It seems like the hackers got access to "Twitter Panel", which is basically hacking one of the Twitter admins/employees. This gives direct admin access to accounts and allows individuals to change e-mail & password. (Just a theory) @jack @TwitterSupport @Twitter pic.twitter.com/xdJH9gt1KU (July 15, 2020)
However this widespread attack was pulled off, the perpetrators seemed to have completely undermined Twitter's own security. We'll have more on this situation when we know more.
Twitter itself put out a terse statement that it was "aware of a security incident impacting accounts on Twitter."
"We are investigating and taking steps to fix it," it added. "We will update everyone shortly."
Tyler Winklevoss, one-half of the Winklevoss twins whose accidental involvement in the founding of Facebook was made famous by the movie "The Social Network," tweeted out that the Twitter account of his and his brother's Gemini cryptocurrency exchange had been hacked, as had those of several other cryptocurrency services.
WARNING: @Gemini's twitter account, along with a number of other crypto twitter accounts, has been hacked. This has resulted in @Gemini, @Coinbase, @Binance, and @Coindesk, tweeting about a scam partnership with CryptoForHealth. DO NOT CLICK THE LINK! These tweets are SCAMS. (July 15, 2020)
More worryingly, Winklevoss said "we have 2FA enabled for @Gemini. We are currently investigating root cause. Please stay tuned."
Two-factor authentication, or 2FA, is meant to ensure that an attacker can't hijack an account even if the attacker gets the password.
But 2FA only guards the login path. If the attackers were changing email addresses and passwords through Twitter's own internal tools, as the admin-panel theory above suggests, the second factor was never challenged. We would normally urge you to set up 2FA on your Twitter account to prevent your account getting hijacked, and you still should, but it doesn't seem to have made any difference in this case. All you can do is take comfort in the fact that you're (probably) not famous.
Can't believe access to all those high profile accounts was burned for a BTC scam ¯\_(ツ)_/¯ Could've been MUCH worse:
- @JoeBiden before Election Day
- @JeffBezos during Congressional Hearing
- @elonmusk during $TSLA earnings call
- @BillGates after a COVID vaccine announcement
https://t.co/Xzg5DZxdVt (July 15, 2020)
Paul Wagenseil is a senior editor at Tom's Guide focused on security and privacy. He has also been a dishwasher, fry cook, long-haul driver, code monkey and video editor. He's been rooting around in the information-security space for more than 15 years at FoxNews.com, SecurityNewsDaily, TechNewsDaily and Tom's Guide, has presented talks at the ShmooCon, DerbyCon and BSides Las Vegas hacker conferences, shown up in random TV news spots and even moderated a panel discussion at the CEDIA home-technology conference. You can follow his rants on Twitter at @snd_wagenseil.