UPDATE (12:05 ET): Twitter said it was a "coordinated social engineering attack" by hackers "who successfully targeted some of our employees with access to internal systems and tools."
UPDATE (6:20 PM ET): Twitter said "[y]ou may be unable to Tweet or reset your password while we review and address this incident." Specifically, verified accounts are currently affected by Twitter's ongoing response.
An array of Twitter accounts owned by popular tech figures, major crypto exchanges and assorted verified and unverified accounts were targeted in a wide-ranging attack on Twitter, with the accounts in question being used to share crypto giveaway scams.
Below is a list of the major accounts known to have been affected.
- Former U.S. vice president and 2020 presidential candidate Joe Biden
- Former U.S. president Barack Obama
- Microsoft co-founder Bill Gates
- Billionaire investor Warren Buffet
- Heavyweight boxing champion Floyd Mayweather, Jr.
- Rapper Wiz Khalifa
- Former New York City mayor Michael Bloomberg
- Performance artist Kanye West
- Square's Cash App
- Entrepreneur Elon Musk
- Amazon founder Jeff Bezos
- Rideshare app Uber
- Tech giant Apple
- Crypto exchanges Binance, Coinbase, Gemini, Kucoin and Bitfinex. Binance CEO Changpeng Zhao was also targeted.
- Crypto media site CoinDesk.
- Litecoin founder Charlie Lee, Tron founder Justin Sun and the Tron Foundation.
The incident — which is still developing — began among crypto-centric accounts, starting with exchange Binance and its CEO, Changpeng Zhao. Prior to having his Twitter account hacked, Zhao warned his followers to "not click" on the giveaway link and report the Binance account "immediately." That warning was soon been deleted.
Many of the tweets from the crypto-sphere included the same message: "We have partnered with CryptoForHealth and are giving back 5000 BTC to the community," the tweets read.
But as time went on, it seems as if Twitter moved to prevent that specific message from being posted. It was around then that a broader array of mainstream accounts were used to spread the giveaway scams, posting direct addresses — a tactic seen in the past — rather than sharing a link to a dedicated website.
A number of the tweets, including those posted to major accounts, have since been deleted. But it is unclear to what degree the original owners have control of their respective accounts. For example, posts on Elon Musk's account appear to be continuously deleted, only for new messages to be posted right after.
It's unclear as to the source of the attack, though some have speculated that the wide-reaching nature of the attack means that Twitter's platform was compromised in some way. The Block has contacted Twitter for comment and will update this space if we hear back. In the absence of a specific statement, however, Twitter shared on its official account:
We are aware of a security incident impacting accounts on Twitter. We are investigating and taking steps to fix it. We will update everyone shortly.— Twitter Support (@TwitterSupport) July 15, 2020
A bitcoin address tied to the scam website's message has collected more than 0.65 BTC in proceeds as of press time, an amount worth roughly $6,000. Other addresses circulating on social media show thousands of dollars in crypto being sent, but it's unclear whether that represents organic inbound activity.
This is a developing story and will be updated.
© 2022 The Block Crypto, Inc. All Rights Reserved. This article is provided for informational purposes only. It is not offered or intended to be used as legal, tax, investment, financial, or other advice.