"I'll send you back double the money," definitely sounds shady if its an email from a Nigerian prince who tells you he has the same last name as you, but it sounds less scary if it's a person you know is real - and has a verified blue tick on Twitter.
Late on Wednesday night, the Twitter accounts of Bill Gates and Elon Musk appeared to have been hacked, or fallen prey to a crypto-related scam.
However, it was soon noticed that it wasn't just these two accounts - The Twitter accounts of Barack Obama, Jeff Bezos, Joe Biden, Kim Kardashian West, Warren Buffet, and more appear to have also been compromised.
The scam posted tweets on behalf of Gates and Musk stated a Bitcoin wallet address along with the promise of sending back double the amount of BTC if a user sends a certain amount to the designated wallet first. The scam appeared to happen in two rounds, wherein the scammers posted similar Bitcoin-scamming tweets for the second time from both Gates’ and Musk’s accounts, after their first tweets were deleted.
While scams such as these are fairly common, what’s concerning is how the scammers gained access to high profile Twitter accounts such as these high profile ones.
Twitter, has clarified a bit of this. It explained how the hack was targeted not at the individuals whose accounts had been hacked, but at employees of Twitter who were in positions to control the accounts.
We detected what we believe to be a coordinated social engineering attack by people who successfully targeted some of our employees with access to internal systems and tools. — Twitter Support (@TwitterSupport) July 16, 2020
Twitter appears to be acknowledging that numerous people appear to have been involved in the hacks, not just one individual, and that numerous employees were compromised, too. They also shared the steps ahead.
Internally, we’ve taken significant steps to limit access to internal systems and tools while our investigation is ongoing. More updates to come as our investigation continues. — Twitter Support (@TwitterSupport) July 16, 2020
Jack Dorsey, CEO and co-founder of Twitter also shared how it was a tough day at Twitter.
Tough day for us at Twitter. We all feel terrible this happened. We’re diagnosing and will share everything we can when we have a more complete understanding of exactly what happened. 💙 to our teammates working hard to make this right. — jack (@jack) July 16, 2020
Vice's Motherboard has allegedly spoken to some of the hackers, who have alleged that they paid one of the employees to give over the accounts.
we spoke to two hackers and we were able to independently verify they were in control of hijacked accounts today. One of them said they paid the Twitter employee to help them take over accounts; not sure on the specifics here at the moment — Jason Koebler (@jason_koebler) July 16, 2020
It has however, started the conversation on just how much power Twitter admins have over influential accounts.
Several (dozens? more?) Twitter admins have the power to start a world war by posting from a world leaders account. Today’s hack is the most consequential breach in decades. Unfortunately will disappear in news cycle tomorrow over Goya canned beans or something. — Cernovich (@Cernovich) July 16, 2020
HOLY SHT: The “hackers” reportedly PAID a Twitter employee to gain access. They didn’t “hack.” They simply BRIBED their way into the platform’s internals 😳 https://t.co/SgXpgKWtaU — Leah McElrath 🏳️🌈 (@leahmcelrath) July 16, 2020
The twitter hack was too powerful to be a rogue hacker. Imagine the real chaos they could have caused using the accounts of global leaders. Someone did this in a mostly harmless manner to send a message. The question is who did it, who was it directed at and what was the message? — Robby Starbuck (@robbystarbuck) July 16, 2020
Imagine taking all that time to hack into Twitter to run a Bitcoin scam when you could have wrought havoc in global financial markets by getting Biden to say he was dropping out, or get Warren Buffett to say he was liquidating, or Elon Musk to say he's recalling the short shorts. — Tracy Alloway (@tracyalloway) July 16, 2020
Twitter has however, not confirmed or denied these allegations.
