Twitter suffered a huge security breach on Wednesday, July 15, after a hacker took control of accounts of top public figures and instructed people to transfer cryptocurrency to have it doubled, which many people fell for thinking it was real.
The hackers took control of the accounts of major public figures and corporations, including Joe Biden, Barack Obama, Elon Musk, Bill Gates, Jeff Bezos and Apple. Other compromised accounts include those of Kanye West, Kim Kardashian, Michael Bloomberg, Uber, and a number of cryptocurrency exchanges or organizations.
The compromised accounts sent a series of tweets proposing a classic bitcoin doubling scam. Followers were told that if they transferred cryptocurrency to a specific bitcoin wallet, they would receive double the money in return.
Twitter confirmed the breach Wednesday evening, more than six hours after the hack began, and attributed it to a “coordinated social engineering attack” on its own employees that enabled the hackers to access “internal systems and tools”.
Twitter said it was “looking into what other malicious activity they may have conducted or information they may have accessed” in addition to using the compromised accounts to send tweets.
The hack unfolded over the course of several hours. To stop the hackers, Twitter stopped all verified accounts from tweeting at all. The company had restored most accounts by Wednesday evening, July 15 but warned that it “may take further actions”.
The company said that it had also locked the compromised accounts and “taken steps to limit access to internal systems and tools” while it continues its investigation.
Reacting, Twitter CEO Jack Dorsey tweeted: “Tough day for us at Twitter. We all feel terrible this happened.”
Dmitri Alperovitch, who co-founded cyber-security company CrowdStrike, told Reuters news agency: “This appears to be the worst hack of a major social media platform yet.”
Quoting a security source, the BBC reported that a web address – cryptoforhealth.com – to which some hacked tweets directed users, was registered by a cyber-attacker using the email address email@example.com.
The name “Anthony Elias” was used to register the website, but may be a fake name.
Cryptoforhealth is also a registered user name on Instagram, apparently set up during the hack.
The description of the profile read “It was us”.
Cryptoforhealth also posted an Instagram message that said: “It was a charity attack. Your money will find its way to the right place.”
In any case, the real identities of the perpetrators are as yet unknown.