Twitter is investigating a massive hack in which high-profile users from Elon Musk to Joe Biden had their accounts hijacked by scammers who the social network believes targeted its employees to gain access to internal systems.
Posts trying to dupe people into sending hackers the cryptocurrency Bitcoin were tweeted by the official accounts of Apple, Uber, Kanye West, Bill Gates, Barack Obama and many others on Wednesday.
“We detected what we believe to be a coordinated social engineering attack by people who successfully targeted some of our employees with access to internal systems and tools,” Twitter said.
“They used this access to take control of many highly-visible… accounts,” the company said, adding that it was investigating “what other malicious activity they may have conducted or information they may have accessed.”
The fraudulent posts, which were largely deleted, said people had 30 minutes to send $1,000 in bitcoin in order to receive twice as much in return.
A total of 12.58 bitcoin — worth almost $116,000 — were sent to the email addresses mentioned in the fraudulent tweets, according to the site Blockchain.com, which monitors crypto transactions.
“Tough day for us at Twitter,” chief executive Jack Dorsey said in a tweet.
“We all feel terrible this happened. We’re diagnosing and will share everything we can when we have a more complete understanding of exactly what happened.”
The Biden campaign told AFP that Twitter locked down the hacked account quickly and removed the bogus tweet.
US President Donald Trump’s account, which has more than 83 million followers, was not among those hacked.
“Most accounts should be able to Tweet again,” the Twitter support team said in an evening update, having earlier briefly disabled posts from verified accounts with an official blue checkmark.
The network said it had locked down the affected accounts, which also included Bitcoin speciality firms, and removed the tweets posted by the hackers.
Twitter added that the network was largely back to normal, but that it “may take further actions and will update you if we do.”
Media outlet Vice reported that a Twitter insider was responsible, citing leaked screenshots and two anonymous sources apparently behind the hack, one of whom told Vice they had paid the employee.
Rachel Tobac of cyber-security firm SocialProof Security also theorized that hackers had got control of a Twitter employee’s administrative access to post the messages.
Meanwhile reports said that BitTorrent chief executive Justin Sun was offering a $1 million reward for bringing the Twitter hackers to justice.
The tweet that appeared on Tesla founder Musk’s Twitter feed said, “Happy Wednesday! I am giving back Bitcoin to all of my followers. I am doubling all payments sent to the Bitcoin address below. You send 0.1 BTC, I send 0.2 BTC back!”
It added that the offer was “only going on for 30 minutes.”
The fake messages that appeared on other famous accounts made similar promises of instant riches.
One version of the scam invited people to click on a link at which they would be exploited.
“All major crypto Twitter accounts have been compromised,” Gemini cryptocurrency exchange co-founder Cameron Winklevoss said in a tweet.
“This is a SCAM, DO NOT participate!” he warned.
Twitter has been targeted by hackers in the past.
In March 2017, the accounts of Amnesty International, the French economics ministry and the BBC’s North America service were broken into by hackers believed to have been loyal to Turkish President Recep Tayyip Erdogan.
Last August, a series of insulting or racist messages were posted on the personal account of Twitter founder Dorsey without his knowledge.