You might have seen some of your favorite Twitter accounts briefly post some odd messages this afternoon. It’s apparently not a coincidence. These Twitter accounts seem to have been hacked today. They include the official pages of Elon Musk, Bill Gates, Apple, and others.
The messages all entice Bitcoin owners with a false offer to double their amounts. They post an address to send over their cryptocurrency, and of course, many people have apparently done just that.
Other Twitter accounts that were hacked include Cash App and Ripple — the latter of which asks users to send money “to our Covid-19 Fund.”
Even major companies like Apple and Uber have seen their Twitter accounts hacked today with the same scam message.
Since this post first went live, we have seen more Twitter accounts hacked, including the pages of Kanye West, Joe Biden, Mike Bloomberg, and Jeff Bezos.
There’s no word on who might be hacking into these accounts. CNBC got in touch with Twitter, which claims it is looking into the issue. Later, the official Twitter support page posted word that it is “investigating and taking steps to fix it.” Also, some verified accounts were disabled for a brief time, but most of them have since been restored.
In the meantime, if your favorite Twitter account starts to post these kinds of messages, it’s best to report it to the company. Also, do not click on any of the links provided in these tweets.
The massive Twitter breach of high-profile accounts belonging to celebrities, politicians, trillion-dollar companies, and other public figures has taken the internet by storm. Twitter has been hacked several times before, but not at such an unprecedented scale involving a simultaneous attack on major accounts.
So how did hackers manage to pull off this large-scale attack on one of the most popular social media platforms? Twitter now has an answer.
The company has confirmed that its own internal admin systems and tools were exploited by hackers to gain access to popular accounts.
“We detected what we believe to be a coordinated social engineering attack by people who successfully targeted some of our employees with access to internal systems and tools,” Twitter wrote in a threaded tweet explaining what happened. “We know they used this access to take control of many highly-visible (including verified) accounts and tweet on their behalf.” – Twitter Support
“Most accounts should be able to Tweet again. As we continue working on a fix, this functionality may come and go. We’re working to get things back to normal as quickly as possible.” – Twitter Support (@TwitterSupport), July 16, 2020
Twitter breach: Who was responsible?
Twitter’s statement seems to suggest that several people were involved in the hack. However, a TechCrunch report from earlier today claims that the attack was masterminded by a hacker who goes by the name Kirk. Sources tell the publication that Kirk made over $100,000 in just a few hours after gaining control of the internal Twitter tool.
The hacker used this admin tool to reset the email addresses associated with affected accounts and subsequently pushed out the dubious crypto scam message.
Meanwhile, a report by Motherboard claims that a Twitter employee was responsible for this mess. Two sources who were involved in the breach told the outlet that a company insider was integral to the hacks and that they were paid for the job.
Twitter, however, hasn’t confirmed this. A spokesperson told Motherboard that the platform is still investigating the issue. The company is unsure if an employee hijacked the accounts or gave hackers access to the admin tool.
Whatever may have happened, Twitter is surely going to bear the brunt of this latest breach for a long time to come. It also saw a slide in stock prices because of the high-profile hacks and could face added scrutiny from authorities going forward.
For now, Twitter has locked all affected accounts and will only give owners access once they can be restored safely.
“Internally, we’ve taken significant steps to limit access to internal systems and tools while our investigation is ongoing. More updates to come as our investigation continues,” the company stated in its last post on the support channel.