Prominent and USA social media giant TWITTER was on Wednesday devastate by a malicious attacker on the American high-profile accounts leaving hundreds of dollars scooped by the hackers.
Twitter accounts belonging to Joe Biden, Bill Gates, Kanye West, Bloomberg, Elon Musk and Apple, among other prominent handles, were compromised on Wednesday in what the company said it believes to be an attack on some of its employees with access to the company’s internal tools.
The attack was a bitcoin cryptocurrency driven charity like campaign intended to compel millions of accounts’ followers as well as the owners to fall victims.
“You know I living giving back to my community. I am doubling all BTC payments sent to my address. You send $1000 and I will send $2000 back!
Tell your family & friends! Only going on for 30 minutes, “a tweet on Elon Musk handle said with a target link embed.
“Everyone is asking me to give back, and now is the time,” Gates’ tweet said, promising to double all payments to a Bitcoin address for the next 30 minutes. All the tweets were subsequently deleted.
“We detected what we believe to be a coordinated social engineering attack by people who successfully targeted some of our employees with access to internal systems and tools,” Twitter said.
When Twitter learnt about the incident, they immediately locked down all the affected accounts and removed the tweets posted by the attackers.
As a matter of investigation, twitter’s verified accounts marked with blue ticks were temporarily stopped from tweeting altogether, password reset requests were also being denied and some other “account functions” disabled. However, by 20:30 EDT (00:30 GMT Thursday) these accounts were able to send tweets again, but Twitter said it was still working on a fix.
Security experts have raised concerns with Twitter’s recurring attacks and referred to the incident to be the worst hack of a major social media platform yet.
The tweets were deleted just minutes after they were first posted. But as the first such tweet from Musk’s account was removed, another one appeared, then a third.
Others targeted included:
- the rapper Kanye West
- former US Vice-President Joe Biden, who is the current Democratic presidential candidate
- the ride-sharing app Uber
- former US President Obama
- media billionaire Mike Bloomberg
- reality TV star Kim Kardashian
- the iPhone-maker Apple
In a tweet on Wednesday, CEO Jack Dorsey said it was a “tough day for us at Twitter.”
“We all feel terrible this happened,” Dorsey said. “We’re diagnosing and will share everything we can when we have a more complete understanding of exactly what happened.”
It should be remembered that last year Twitter’s CEO Jack account was also infiltrated by hackers and a series of insulting or racist messages were posted on the personal, raising concerns about whether any account on the platform can truly avoid being compromised.
The mechanism by which that hack occurred was fixed by Twitter after Dorsey’s hack and there’s no reason to believe it is to blame here.
“We can confirm that this tweet was not sent by Bill Gates,” a spokesperson for Gates told CNN Business. “This appears to be part of a larger issue that Twitter is facing. Twitter is aware and working to restore the account.”
According to CNN, the apparent scam has also caught the attention of the FBI.
“We are aware of today’s security incident involving several Twitter accounts belonging to high profile individuals,” the FBI’s San Francisco field office said in a statement.
“The accounts appear to have been compromised in order to perpetuate cryptocurrency fraud. We advise the public not to fall victim to this scam by sending cryptocurrency or money in relation to this incident.”
Sen. Josh Hawley (R-Mo.), sent a letter to Twitter CEO Jack Dorsey late Wednesday, asking the company to cooperate with the Justice Department and Federal Bureau of Investigation to secure the breach. Hawley posed several questions to the company about how the breach occurred and how widespread the effects were.
NEW — As Twitter experiences a massive cyberattack, Senator Hawley sent a letter to Twitter CEO @jack requesting he immediately reach out to the Department of Justice and Federal Bureau of Investigation to take any necessary measures to secure the site. https://t.co/I3O9B2pvTg pic.twitter.com/Aq844gOh4C— Senator Hawley Press Office (@SenHawleyPress) July 16, 2020
Instagram message (BBC Report)
The BBC can report from a security source that a web address – cryptoforhealth.com – to which some hacked tweets directed users was registered by a cyber-attacker using the email address firstname.lastname@example.org.
The name “Anthony Elias” was used to register the website but may be a pseudonym – it appears to be a play on “an alias”.
Cryptoforhealth is also a registered username on Instagram, apparently set up contemporaneously to the hack.
The description of the profile read “It was us”, alongside a slightly smiling face emoticon.
The Instagram profile also posted a message that said: “It was a charity attack. Your money will find its way to the right place.”
In any case, the real identities of the perpetrators are as yet unknown.
In a short time, it was online, the link displayed in the tweets of targeted accounts received hundreds of contributions totalling more than $100,000 (£80,000), according to publicly available blockchain records.
According to barrons.com, Twitter shares advanced 3.8% during regular trading Wednesday, to close at $35.67. The stock began to fall around 4:30 p.m. Eastern time, about 30 minutes after the attack appears to have started. The stock traded as low as $34.01 before closing the after-hours session at $34.53, a decline of 3.2%.
Twitter has been in the spotlight for months, first after activist investor Elliott Management took a stake in the company and initially tried to oust CEO Jack Dorsey from his job. Elliott and Twitter have reached something of a truce, after the company agree to appoint new board members and buyback stock.
Shares of Twitter have gained 11.3% this year, excluding Wednesday’s late trading action, while the S&P 500 Index is down 0.1%.
This is not the first time that Twitter has reported a massive hack. In March 2017, the accounts of Amnesty International, the French economics ministry and the BBC’s North America service were broken into by hackers believed to have been loyal to Turkish President Recep Tayyip Erdogan.