Twitter experiences widespread hack in coordinated cryptocurrency scam
The hack is affecting a number of high profile accounts on the platform.
What you need to know
- Twitter has experienced a major security breach.
- The breach has resulted in a number of accounts sending Bitcoin-related tweets.
- The hack appears to be part of a widespread cryptocurrency scam.
Twitter is currently experiencing a widespread security breach that is resulting in a number of high profile accounts encouraging their followers to send Bitcoin to an unknown account.
Update 7: The New York Times reports that the hack started as a quest for usernames but then evolved into a Bitcoin scam.
Update 6: Twitter says they believe the hack was the result of a social engineering attack against some of its employees with access to internal systems.
Update 5: Twitter CEO Jack Dorsey has apologized for the security breach and says the team is still researching what caused the hack.
Update 4: Twitter has limited additional account functionality for more users, not just verified accounts.
Update 3: Some verified Twitter accounts are able to tweet again but only temporarily.
Update 2: Verified Twitter accounts have had their ability to tweet disable but can retweet.
Get the Windows Central Newsletter
All the latest news, reviews, and guides for Windows and Xbox diehards.
Update 1: Twitter's official Support account has acknowledged the breach, saying that they are actively investigating and working on a fix.
We are aware of a security incident impacting accounts on Twitter. We are investigating and taking steps to fix it. We will update everyone shortly.We are aware of a security incident impacting accounts on Twitter. We are investigating and taking steps to fix it. We will update everyone shortly.— Twitter Support (@TwitterSupport) July 15, 2020July 15, 2020
Apple, along with a number of high profile Twitter accounts like Elon Musk, Uber, and Barack Obama have all been affected by the breach. While each tweet has been slightly different, all link to the same Bitcoin account.
In response to the hack, Twitter has currently shut down all verified accounts from being able to post on the platform.
You may be unable to Tweet or reset your password while we review and address this incident.You may be unable to Tweet or reset your password while we review and address this incident.— Twitter Support (@TwitterSupport) July 15, 2020July 15, 2020
Verified accounts can retweet, but are unable to tweet.
Additionally, non-verified accounts are being affected by Twitter's attempt to remedy the situation. Twitter is recommending everyone reset their password.
We’re continuing to limit the ability to Tweet, reset your password, and some other account functionalities while we look into this. Thanks for your patience.We’re continuing to limit the ability to Tweet, reset your password, and some other account functionalities while we look into this. Thanks for your patience.— Twitter Support (@TwitterSupport) July 15, 2020July 15, 2020
Hours after the hack, Twitter CEO Jack Dorsey has apologized for the security breach and says that the team at Twitter is still working to understand how the hack occurred.
Tough day for us at Twitter. We all feel terrible this happened.
We're diagnosing and will share everything we can when we have a more complete understanding of exactly what happened.
💙 to our teammates working hard to make this right.Tough day for us at Twitter. We all feel terrible this happened.
We're diagnosing and will share everything we can when we have a more complete understanding of exactly what happened.
💙 to our teammates working hard to make this right.— jack (@jack) July 16, 2020July 16, 2020
Twitter says that the hack is the result of a coordinated social engineering attack against a number of its internal employees which gave the hackers access to internal systems.
We detected what we believe to be a coordinated social engineering attack by people who successfully targeted some of our employees with access to internal systems and tools.We detected what we believe to be a coordinated social engineering attack by people who successfully targeted some of our employees with access to internal systems and tools.— Twitter Support (@TwitterSupport) July 16, 2020July 16, 2020
After interviewing hackers claiming to be involved in the security breach, the New York Times is reporting that the hack began as a quest to obtain sought after usernames. Then, one individual began engaging in a cryptocurrency scam that affected a number of high profile accounts.
Hackers involved in the Twitter breach said it started as a quest for cool usernames. Then one member of the group began going after cryptocurrency companies, Jeff Bezos, and Kanye West. w/@nathanielpopper https://t.co/uc1UDInglzHackers involved in the Twitter breach said it started as a quest for cool usernames. Then one member of the group began going after cryptocurrency companies, Jeff Bezos, and Kanye West. w/@nathanielpopper https://t.co/uc1UDInglz— kate conger (@kateconger) July 17, 2020July 17, 2020
This is a developing story and we will update as we receive more information.