Twitter has revealed that its own administrative tools were used to take over the accounts of dozens of celebrities, politicians and billionaires in a reported ‘inside job’ that is among the largest social media breaches in history.
‘Tough day for us at Twitter. We all feel terrible this happened,’ Twitter CEO Jack Dorsey tweeted, promising to share information about the breach as it became available.
The attack unfolded on Wednesday evening, with the affected accounts including presidential candidate Joe Biden, Elon Musk, Jeff Bezos, Bill Gates, Kanye West and Kim Kardashian West.
Former President Barack Obama, the most popular account on Twitter with more than 120 million followers, was also targeted, as were the corporate accounts of Apple and Uber.
In an urgent response to the breach, Twitter took the extraordinary step of temporarily blocking all verified accounts from tweeting. Shares in the company fell nearly 4 percent in after-hours trading.
‘While account take-overs are commonplace, this would be appear to be a compromise on an unprecedented scale,’ Brett Callow, a threat analyst at cybersecurity firm Emsisoft, told DailyMail.com of the breach.
Former President Barack Obama, the most popular account on Twitter with more than 120 million followers, was targeted by hackers who posted a bitcoin scam to his account
Late on Wednesday, Twitter revealed that some of its employees with access to internal systems had been targeted by a ‘coordinated social engineering attack,’ a term that typically refers to the use of psychological manipulation to gain access to restricted systems.
Two people who took credit for the breach claimed that they had paid a Twitter insider to carry out the attack for them, according to Motherboard.
‘We used a rep that literally done all the work for us,’ one of the individuals told the publication.
‘We are aware of a security incident impacting accounts on Twitter. We are investigating and taking steps to fix it. We will update everyone shortly,’ the company said in a public statement.
‘You may be unable to Tweet or reset your password while we review and address this incident,’ the company added in an update.
More than an hour after the first wave of hacks, Twitter prevented at least some verified accounts from publishing messages altogether.
According to UN chief of the cybercrime Neil Walsh, the ban extended to all verified accounts worldwide, an unprecedented step that shut down a critical platform for rapid communication.
Verified users include celebrities and journalists, but also governments, politicians and heads of state.
For several hours on Wednesday, Twitter users with verified accounts saw this message when they tried to post a tweet, as the site shut down all checkmarks as a precaution
Twitter shares fell nearly 4% in after-hours trading as the company froze verified accounts
Although individual Twitter accounts have been briefly breached in the past using stolen passwords, the scale of Wednesday’s attack was unprecedented.
‘This appears to be the worst hack of a major social media platform yet,’ said Dmitri Alperovitch, who co-founded cybersecurity company CrowdStrike.
Other political figures impacted by the attack included Rep. Alexandria Ocasio-Cortez and former Democratic presidential candidate Mike Bloomberg.
Of the politicians affected by the breach, all appeared to be Democrats.
Biden’s campaign was ‘in touch’ with Twitter, according to a person familiar with the matter. The person said the company had locked down the Democrat’s account ‘immediately following the breach and removed the related tweet.’
President Donald Trump’s re-election campaign seized on the breach, with campaign spokesman Tim Murtaugh mocking the scam message as similar to Biden’s policy proposals.
‘I’ve seen creative ways to disguise a tax increase, but this takes the cake,’ Murtaugh tweeted. ‘Hacked account or not, this is a perfect metaphor for Biden’s pitch to taxpayers: ‘Give me your money!”
The fraudulent tweets all followed a similar formula, and directed potential victims to send bitcoin to the same anonymous wallet.
‘I am giving back to my community due to COVID-19!’ read the scam tweet posted to Obama’s account.
‘All Bitcoin sent to my address below will be sent back doubled. If you send $1,000, I will send back $2,000!’ the fake message continued.
The message shared on Bezos’ account stated he is ‘only doing a maximum of $50,000,000.’
One scam tweet surfaced on Elon Musk’s Twitter account around 4:30pm ET Wednesday
Amazon CEO Jeff Bezos was also among the victims targeted in the bitcoin scam
Most of the fraudulent tweets disappeared within minutes of first being posted, suggesting that Twitter administrators were playing whack-a-mole with the attacker.
Although many users knew the gesture was the evil working of a cybercriminal, others replied they sent money to the listed account.
Many Twitter users posted screenshots of bitcoin transfer receipts to the wallet listed in the scam, claiming they had been duped before realizing the scam.
Publicly available blockchain records show that the apparent scammers have already received more than $100,000 worth of cryptocurrency, with the amount still growing.
Several Twitter users claimed that they had fallen for the scam and sent bitcoin
Some experts said the incident has raised questions about Twitter’s cybersecurity.
‘It’s clear the company is not doing enough to protect itself,’ said Oren Falkowitz, former CEO of Area 1 Security.
Alperovitch, who now chairs the Silverado Policy Accelerator, said that, in a way, the public had dodged a bullet so far.
‘We are lucky that given the power of sending out tweets from the accounts of many famous people, the only thing that the hackers have done is scammed about $110,000 in bitcoins from about 300 people,’ he said.