July 16, 2020

Twitter hack: accounts of prominent figures, including Biden, Musk, Obama, Gates and Kanye compromised

Accounts of Uber and Apple also appear to have been hacked as part of scam instructing followers to transfer cryptocurrency


Twitter suffered a major security breach on Wednesday that saw hackers take control of the accounts of major public figures and corporations, including Joe Biden, Barack Obama, Elon Musk, Bill Gates, Jeff Bezos and Apple.


The company confirmed the breach Wednesday evening, more than six hours after the hack began, and attributed it to a “coordinated social engineering attack” on its own employees that enabled the hackers to access “internal systems and tools”. Twitter said it was “looking into what other malicious activity they may have conducted or information they may have accessed” in addition to using the compromised accounts to send tweets.

The hack unfolded over the course of several hours, and in the course of halting it, Twitter stopped all verified accounts from tweeting at all – an unprecedented measure. The company had restored most accounts by Wednesday evening, but warned that it “may take further actions”. The company said that it had also locked the compromised accounts and “taken steps to limit access to internal systems and tools” while it continues its investigation.

The compromised accounts, which count tens of millions of followers, sent a series of tweets proposing a classic bitcoin scam: followers were told that if they transferred cryptocurrency to a specific bitcoin wallet, they would receive double the money in return.


Twitter has said it is looking into the possible hacking of the accounts of Joe Biden and other prominent figures. Photograph: Twitter

Other compromised accounts include those of Kanye West, Michael Bloomberg, Uber, and a number of cryptocurrency exchanges or organizations.

The messages included the address of a bitcoin wallet whose balance grew rapidly to more than 11 BTC (more than $100,000) as the scam spread. Tweets with similar messages were repeatedly deleted and re-posted by some of the compromised accounts over the course of Wednesday afternoon.
While the motives and source of the attack are not yet known, the coordinated hijacking of the verified communications streams of world leaders, celebrities and major corporate accounts was a frightening prospect. Twitter has become a de facto wire service for the world and is used for official communications by governments during emergencies; a hack on the scale of Wednesday’s attack could have been more disruptive or even dangerous.

“The amount of damage this could cause is very high,” said Douglas Schmidt, a computer science professor at Vanderbilt University. “These people could hold information gleaned from the hack for ransom in the future.”