Several high-profile Twitter accounts, including those of former US President Barack Obama, Tesla CEO Elon Musk, Amazon CEO Jeff Bezos, and many other millionaires were hacked on Wednesday by a group of attackers. Those accounts were compromised for some hours and posted a tweet promoting the bitcoin address, claiming that the amount sent to the address would be doubled and sent back. Soon, Twitter started investigating into the matter, blocking access to all verified accounts.
There were the mysterious tweets that asked people to donate Bitcoins, returning double amount. The tweet from Obama’s account read, “I am giving back to my community due to Covid-19. All Bitcoin sent to my address below will be sent back doubled. If you send $1,000, I will send back $2,000.”
Similar tweets followed from many other accounts, including Kanye West, Kim Kardashian, Bill Gates, Mike Bloomberg, Apple, Uber, and so on. The tweets had the address of bitcoin wallet- asked to donate Bitcoins with a promise to double the amount.
Twitter chief executive, Jack Dorsey tweeted, “Tough day for us at Twitter. We all feel terrible this happened.”
“We’re diagnosing and will share everything we can when we have a more complete understanding of exactly what happened,” he added.
The report suggests that the hackers targeted Twitter employees that had access to internal systems and tools. The internal company admin tool was used to conduct the account takeovers- changing account email accounts and recovering passwords.
In response, Twitter had stopped access to all the verified users. For a time, they limited the ability to tweet, reset the password, and some other account functionalities. The functionality was coming and going for some time.
While the fixing was going on rapidly, Twitter revealed some details from its investigation. They said there was a group of hackers who got access to the admin tool through the employees. The report also says that hackers paid the Twitter employee to help them take over accounts.
The hackers might have breached the other information as well, not resting on the Bitcoins, they gathered. The company said, “We’re currently investigating other malicious activity they may have conducted or information they may have accessed.”
However, the whole attack seems to use the account takeovers to promote a cryptocurrency scam. The report suggests that there was a nearly $120,000 worth of the Bitcoins to the digital wallet address provided in the tweets.
For now, the accounts that were compromised have been locked. They said that they would restore access to the original account owner only when they are certain about security.