Published On: Thu, Jul 16th, 2020

Apple, Biden, Musk and other high-profile Twitter accounts hacked in crypto scam

A series of high-profile Twitter accounts were concurrently hacked on Wednesday by enemy who used a accounts — some with millions of supporters — to widespread a cryptocurrency scam.

Apple, Elon Musk and Joe Biden were among a accounts compromised in a broadly targeted penetrate that remained puzzling hours after holding place. Those accounts and many others posted a summary compelling a residence of a bitcoin wallet with a explain that a volume of any payments done to a residence would be doubled and sent behind — a famous cryptocurrency fraud technique.

In a hours following a initial fraud posts, Kim Kardashian West, Jeff Bezos, Bill Gates, Barack Obama, Wiz Khalifa, Warren Buffett, YouTuber MrBeast, Wendy’s, Uber, CashApp and Mike Bloomberg also posted a cryptocurrency scam.

Screenshot around Twitter

While we’re still training some-more specifics about how a penetrate went down, we can news that a hacker leveraged an inner Twitter admin apparatus to benefit entrance to a high-profile accounts. That stating was shortly reliable by Twitter’s possess criticism of what happened. On Wednesday evening, a association tweeted that “a concurrent amicable engineering attack” on employees gave a hacker “access to inner systems and tools.”

A hacker used Twitter’s possess ‘admin’ apparatus to widespread cryptocurrency scam

Before a range of a occurrence became clear, a penetrate seemed to concentration on cryptocurrency-focused accounts. In an initial call of fraud posts, @bitcoin, @ripple, @coindesk, @coinbase and @binance were hacked with a same message: “We have partnered with CryptoForHealth and are giving behind 5000 BTC to a community,” followed by a couple to a website.

The related site was quick pulled offline. Kristaps Ronka, arch executive of Namesilo, a domain registrar used by a scammers, told TechCrunch that a association dangling a domain “on a initial report” it received. Hacked accounts shifted to pity mixed bitcoin wallet addresses as a occurrence went on, creation things some-more formidable to track.

Twitter initial concurred a conditions during 2:45 p.m. PT Wednesday afternoon, referring to it as a “security incident.”

At first, it seemed that some of a compromised accounts were behind underneath their owners’ control as tweets were quick deleted. But then, Elon Musk’s criticism tweeted “hi” after his initial twitter with a fraud was deleted. The “hi” twitter also disappeared. 

Twitter users reported saying blunder messages on a height as a conditions went on. TechCrunch contributor Natasha Mascarenhas saw this blunder (see below) when she attempted to emanate a threaded tweet. TechCrunch contributor Sarah Perez saw a identical blunder when perplexing to post a normal tweet. Both have accurate accounts.

Twitter blunder summary (Image: TechCrunch)

As a issues continued, many accurate Twitter users also reported being incompetent to tweet. Around 3:15 p.m. PT, a central Twitter Support criticism reliable “[Users] might be incompetent to Tweet or reset your cue while we examination and residence this incident.” By Wednesday evening, Twitter pronounced that many tweeting should be behind to normal though functionality “may come and go” as a association “continue[s] operative on a fix.”

Who was hacked

It became transparent early on that this conditions was not a box of a singular criticism being compromised as we’ve seen in a past, though something else altogether. Even Apple, a association famous for strong security, somehow fell plant to a scheme.

Apple’s criticism was also hacked. This was a account’s initial tweet. (Image: TechCrunch)

Many high form accounts were quick hijacked in quick period Wednesday afternoon, including @elonmusk, a individualist Twitter-obsessed tech figure with a notoriously intent fanbase. A fraud twitter posted to a Tesla and SpaceX founder’s criticism simply destined users to send bitcoin to a certain residence underneath a guise that he will “double any payment” — a famous cryptocurrency fraud technique. Musk’s criticism seemed to sojourn compromised for some time after a initial message, with follow-up posts claiming supporters were promulgation income to a questionable address.

Tesla and SpaceX owner Elon Musk had his Twitter criticism hacked to widespread a cryptocurrency scam. (Image: TechCrunch)

Barack Obama had his Twitter criticism hacked to widespread a cryptocurrency scam. (Image: TechCrunch)

Wiz Khalifa’s criticism was also compromised, as was a Twitter criticism of renouned YouTuber MrBeast, who mostly posts giveaways, creation his re-post of a bitcoin residence quite expected to expostulate supporters to a scam.

The penetrate also strike mythological financier Warren Buffet, a distinguished and oppressive censor of cryptocurrencies like bitcoin. “I don’t have any cryptocurrency and we never will,” Buffet told CNBC in February.

Unusual hack, common scam

While a range of Wednesday’s Twitter penetrate is rare on a amicable network, a kinds of scams a hacked accounts promoted are common. Scammers take over high-profile Twitter accounts regulating breached or leaked passwords and post messages that inspire users to post their cryptocurrency supports to a sold residence underneath a guise that they’ll double their “investment.” In reality, it’s elementary theft, though it’s a fraud that works.

The categorical blockchain residence used on a fraud site had already collected some-more than 12.5 bitcoin — some $116,000 in USD — and it’s going adult by a minute.

A orator for Binance told TechCrunch: “The confidence group is actively questioning a conditions of this concurrent conflict on a crypto industry.” Several other companies influenced by a criticism hacks did not immediately respond to a ask for comment.

It’s not immediately famous how a criticism hacks took place. Security researchers, however, found that a enemy had entirely taken over a victims’ accounts, and also altered a email residence compared with a criticism to make it harder for a genuine user to recover access.

Scammers frequently respond to high-profile accounts, like celebrities and open figures, to steal a review and surprise gullible victims. Twitter typically shuts these accounts down flattering fast.

A Twitter spokesperson, when reached, pronounced a association was “looking into” a matter though didn’t immediately comment.

This story is developing. Stay tuned for updates. 

Below are screenshots of some of a hacked accounts.

About the Author