- Hackers have revealed that a Twitter tool was used to get into high-profile Twitter accounts.
- A Twitter spokesperson said it was still being investigated if the Twitter employee was hacked or the employee gave the tool to hackers.
- The hacked Twitter accounts were used to spread bitcoin scam for hours.
The Twitter accounts of Joe Biden, Elon Musk, Jeff Bezos, Kanye West were among the tens of high-profile accounts that were hijacked last night. These accounts were then used to spread bitcoin scam and fool people into donating money through a link.
A Twitter employee was seemingly the reason behind the hacking of high profile users that took place on Wednesday. It is still being investigated if the Twitter employee himself hacked the account or gave the tool to the hackers, a Twitter spokesperson told Motherboard.
So how did the hackers get access to the internal tool? "We used a rep that literally did all the work for us," one of the hacker sources told Motherboard. Another source said that they paid the Twitter insider.
An internal tool at Twitter was used to take over the high-profile accounts, screenshots obtained by Motherboard as well as sources revealed.
The hacker used the tool to reset the associated email addresses of affected accounts to make it more difficult for the owner to regain control, TechCrunch noted. The hacker then pushed a cryptocurrency scam that was noticed by everyone on Wednesday.
The tool was used on the Twitter panel to hack OG accounts or accounts that have a handle consisting of only one or two characters. The panel, whose screenshots were widely shared and later taken down by Twitter, showed if the targeted user's account has been suspended, is permanently suspended, or has protected status.
The panel was also used to post tweets related to cryptocurrency scams from the high profile accounts that blasted off on the platform.
Twitter also acknowledged that the hacks were a coordinated social engineering attack by people who successfully "targeted some of our employees with access to internal systems and tools."
Screenshots of the panel being posted by users are being taken down as a violation of Twitter policies.
"As per our rules, we're taking action on any private, personal information shared in Tweets," said a Twitter spokesperson.
Some leading cryptocurrency sites were also compromised on Wednesday. Cryptocurrency platforms like Coinbase and Gemini falsely "announced" they had partnered up with an organization called CryptoForHealth, through their Twitter accounts. They claimed that the organisation was going to provide people with bitcoin as long as they sent some to an address first.
Other prominent Twitter accounts that were hacked were that of President Barack Obama, Kim Kardashian West, Warren Buffett, Jeff Bezos, and Mike Bloomberg. Official accounts of Uber and Apple tweeted out a post that was a spam message. The spam message directed readers to invest bitcoin in the wallet address that was provided in the tweets and claimed that they would get double the money they spend.