Dozens Of High-Profile Twitter Accounts Hacked In Cryptocurrency Scam

Affected accounts included billionaires Bill Gates and Jeff Bezos as well as former President Barack Obama and presumptive presidential nominee Joe Biden.

Getty Images / Jeff Bezos and Barack Obama
Getty Images / Jeff Bezos and Barack Obama

A massive Twitter hack affected more than a dozen prominent accounts on Wednesday by posting messages soliciting their millions of followers for thousands of dollars in the cryptocurrency bitcoin. Some of the accounts included billionaires Bill Gates and Jeff Bezos, celebrities including Kim Kardashian West, and politicians such as former President Barack Obama and presumptive Democratic presidential nominee Joe Biden.

According to Twitter, the incident was likely a “coordinated social engineering attack by people who successfully targeted some of our employees with access to internal systems and tools.” Vice’s Motherboard also reported that the hackers worked with a Twitter employee to allegedly use an internal tool in order to perform the account takeovers. One unnamed source reportedly told Motherboard that the complicit employee was paid.

According to MalwareTech's account, the scam posts first started appearing on the accounts of several high-profile cryptocurrency platforms including KuCoin and Gemini. The tweets urged users to visit the website CryptoForHealth, which was shortly after disabled. 

Next, messages began popping up on accounts of billionaires, celebrities, companies, and politicians, urging followers to send $1,000 in bitcoin to a specified address so they could receive double that amount in return. 

Shortly after the hackings, Twitter said it was “taking steps to fix” the security incident and disabled verified accounts’ ability to tweet while it did so. The company also said people may not be able to reset their passwords while it reviewed the incident. 

“Tough day for us at Twitter. We all feel terrible this happened,” Twitter CEO Jack Dorsey tweeted. “We’re diagnosing and will share everything we can when we have a more complete understanding of exactly what happened.”

The platform restored verified accounts' ability to tweet later Wednesday evening, but the block prevented some accounts from sending out crucial information to followers. According to The Weather Channel, several National Weather Service accounts were unable to tweet out updates as they issued tornado warnings in Missouri and Illinois.

As of Wednesday night, bitcoin-transaction receiptsreported on Business Insider show the address in the scam tweets received more than 300 transactions, which added up to more than $115,000.

Rachel Tobac, the CEO of cybersecurity firm SocialProof Security, told NBC News that the attack was likely the largest Twitter had ever seen.

“I'm surprised Twitter hasn't gone completely dark to prevent misinformation campaigns and political upheaval," she said. "We are lucky the attackers are going after bitcoin (money motivated) and not motivated by chaos and destruction."