Twitter accounts of several prominent verified users - US presidential candidate Joe Biden, former US President Barack Obama, billionaire Elon Musk, rapper Kanye West and his wife Kim Kardashian, Microsoft co-founder Bill Gates, Amazon CEO Jeff Bezos, media tycoon Mike Bloomberg - were compromised in a widespread Bitcoin scam early Thursday. Once hacked, these accounts asked for donations in cryptocurrency and promised to return twice the amount.
Twitter briefly blocked access to all verified accounts and is investigating the matter. The company said that it won't restore access to the accounts' owners until it is certain that it can do so securely.
"We have locked accounts that were compromised and will restore access to the original account owner only when we are certain we can do so securely." - Twitter Support (@TwitterSupport), July 16, 2020
The fake Twitter posts, which have mostly been deleted, offered to send back $2,000 for every $1,000 sent to an anonymous Bitcoin address.
Twitter warned many of its 166 million daily users that they might be unable to tweet or reset their passwords while the company is addressing the security breach.
The microblogging site said that it locked the affected accounts as soon as it became aware of the hacking, removed the tweets by the "attackers" and prevented all verified accounts from publishing any messages altogether. Most of these users regained the ability to tweet a few hours later.
Bitcoin is a popular means for this type of scam because, once an individual sends money, the design of Bitcoin, with no institution in charge, makes it essentially impossible to recover the funds, a New York Times report said.
All the compromised tweets included the address of the same Bitcoin wallet, which has seen as much as $112,000 poured into it over the last few hours. According to reports, it is unclear whether this money came from unsuspecting users or from the scammers themselves.
"Everyone is asking me to give back, and now is the time," Gates' tweet said, promising to double all payments to a Bitcoin address for the next 30 minutes.
Jack Dorsey, Twitter's chief executive, said in a post on Wednesday night that it was a tough day for the employees at Twitter. "We all feel terrible that this happened. We're diagnosing and will share everything we can when we have a more complete understanding of exactly what happened," he said.
A spokesperson for Biden's campaign said that Twitter locked down the presumptive Democratic presidential nominee's account and removed the tweet "immediately following the breach."
A Twitter employee was seemingly behind the hacking of high-profile users. It is still being investigated whether the Twitter employee himself hacked the accounts or gave the tool to the hackers, a Twitter spokesperson said.
So how did the hackers get access to the internal tool? "We used a rep that literally did all the work for us," one of the hacker sources told Motherboard. Another source said that they paid the Twitter insider. An internal tool at Twitter was used to take over the high-profile accounts, screenshots obtained by Motherboard, as well as sources, revealed.
The hacker used the tool to reset the associated email addresses of affected accounts to make it more difficult for the owners to regain control. The hacker then pushed a cryptocurrency scam that was noticed by everyone.
Some leading cryptocurrency sites, such as Coinbase and Gemini, were also compromised and reportedly "falsely announced", through their Twitter accounts, that they had partnered up with an organisation called CryptoForHealth. They claimed that the organisation was going to provide people with Bitcoin as long as they sent some to an address first.