- A massive Twitter hack on Wednesday targeted a slew of the service’s most high-profile users, including President Obama, Elon Musk, Jeff Bezos, and former Vice President Joe Biden.
- The tweets that started showing up in those users’ timelines asked for people to send them Bitcoin.
- Twitter blamed the hack on a “coordinated social engineering” scam.
The Internet’s collective jaw hung agape on Wednesday afternoon, as a shockingly comprehensive hack of Twitter expanded to the point that it even touched President Obama’s official Twitter account — which, with almost 121 million followers, happens to be the most-followed account on the platform. “I am giving back to my community due to COVID-19”! read the tweet that was inserted into the former president’s tweet stream. “All Bitcoin sent to my address below will be sent back doubled.”
That tweet has since been scrubbed, as has similarly-worded tweets posted to the accounts of a slew of high-profile, verified Twitter users including Elon Musk, Bill Gates, former Vice President Joe Biden, Kanye West, Jeff Bezos, and many more. The hack sent shockwaves throughout Twitter, to the point that the service quickly locked the ability of verified users with blue checkmarks to perform actions like tweeting or changing their password. The shadowy perpetrators of this attack — which played out a little like a real-life, real-time version of the hit Netflix series Money Heist — seemed to be quite successful in soliciting donations of Bitcoin, and on Wednesday night Twitter finally started the process of answering the only question that mattered: What in the hell happened here?
As we noted in our original post about this incident, transaction receipts on Blockchain.com as of late afternoon Wednesday showed that about 12 BTC ($109,107.34) had been received by the scammer. Twitter says the scammer(s) pulled this off thanks to a “coordinated social engineering” scam involving Twitter employees, not by hacking the individual accounts themselves.
Here’s the statement about what happened in the form of a tweet thread Wednesday night from @TwitterSupport:
We detected what we believe to be a coordinated social engineering attack by people who successfully targeted some of our employees with access to internal systems and tools.
— Twitter Support (@TwitterSupport) July 16, 2020
Once we became aware of the incident, we immediately locked down the affected accounts and removed Tweets posted by the attackers.
— Twitter Support (@TwitterSupport) July 16, 2020
This was disruptive, but it was an important step to reduce risk. Most functionality has been restored but we may take further actions and will update you if we do.
— Twitter Support (@TwitterSupport) July 16, 2020
Internally, we’ve taken significant steps to limit access to internal systems and tools while our investigation is ongoing. More updates to come as our investigation continues.
— Twitter Support (@TwitterSupport) July 16, 2020
A Motherboard report Wednesday purports to reveal a little more about what went on behind the scenes in order for the scammers to be able to execute this hack. Quoting unnamed sources, Motherboard writes that the hackers actually had help from inside Twitter, noting: “‘We used a rep that literally done all the work for us,’ one of the sources told Motherboard. The second source added they paid the Twitter insider … The accounts were taken over using an internal tool at Twitter, according to the sources, as well as screenshots of the tool obtained by Motherboard.”
Twitter CEO Jack Dorsey responded to Wednesday’s news (via Twitter, of course), by writing that it was “a tough day for us at Twitter.”
“We all feel terrible this happened,” Dorsey tweeted, adding a heart emoji to signify love “to our teammates.” “We’re diagnosing and will share everything we can when we have a more complete understanding of exactly what happened.”
President Trump’s Twitter account seemed to be untouched during Wednesday’s events, but for some Twitter users, Wednesday’s hack reminded them of the time back in 2017. Back when Trump’s Twitter account was briefly deactivated by a disgruntled employee. Then, as now, questions remain about how secure this still popular social network and information service is — or, rather, how much it isn’t.
