Twitter has revealed what it knows so far about the major hack involving a bitcoin scam that targeted dozens of high-profile accounts on its service on Wednesday, July 15.
In a series of tweets posted on its Support account, the company said it believed the hack had been made possible by tricking one or more of its employees who had access to Twitter’s internal systems and tools.
“We detected what we believe to be a coordinated social engineering attack by people who successfully targeted some of our employees with access to internal systems and tools,” the company said. Such an attack involves the perpetrator duping the target — in this case one or more individuals at Twitter — into making security-related errors or divulging sensitive information that enables the hacker to gain access to a company’s internal systems. There are a number of ways in which this can be done, including through malicious emails that impersonate a trusted person.
“We know they used this access to take control of many highly visible (including verified) accounts and tweet on their behalf. We’re looking into what other malicious activity they may have conducted or information they may have accessed and will share more here as we have it.”
It said that once it learned of the incident, it immediately locked down the affected accounts and removed the scam tweets posted by the attackers.
Limited functionality for verified users
For a couple of hours, it also limited functionality for verified accounts — those with blue ticks — as a precautionary measure while initial investigations were carried out. Twitter acknowledged that the measure, which prevented verified accounts from posting tweets, was disruptive for many in its community, but described it as “an important step to reduce risk,” adding, “Most functionality has been restored but we may take further actions and will update you if we do.”
Compromised accounts locked
As for the compromised accounts, the company said it has locked all of them down and would only restore access to the original account owner “when we are certain we can do so securely.”
In its final message in a flurry of tweets posted around 7:40 p.m PT, it said: “Internally, we’ve taken significant steps to limit access to internal systems and tools while our investigation is ongoing. More updates to come as our investigation continues.”
Dozens of high-profile accounts were hit in the scam, with each one posting a message that offered to pay a sender double any payment they made to a Bitcoin wallet address included in the tweet. According to Blockchain.com data, more than $100,000 had been sent to the Bitcoin wallet via more than 370 transactions as of early Wednesday evening.
Former President Barack Obama and the presumptive Democratic presidential nominee, former Vice President Joe Biden, were among the hacked accounts. Microsoft co-founder Bill Gates, Tesla CEO Elon Musk, Amazon CEO Jeff Bezos, entertainer Kanye West, and former New York City mayor Michael Bloomberg were also targeted, as were tech firms such as Apple and Uber.
Twitter CEO Jack Dorsey described it as a “tough day” for the company, adding, “We all feel terrible this happened.”
- Twitter expands tweet character limit massively
- Elon Musk reveals date for Twitter Blue relaunch
- Twitter to start layoffs on Friday, internal email reveals
- Twitter’s latest features are all about curbing election misinformation
- This Twitter vulnerability may have revealed owners of burner accounts