A Twitter hack affecting top politicians and celebrities in the United States has helped a Bitcoin wallet receive over $100,000 via at least 300 transactions. What happened? Who was affected? Why does this incident matter?
It was a bad day even by Twitter standards. In what is being dubbed as one of the “most brazen online attacks in memory”, the most powerful Twitter accounts in America were all tweeting about Bitcoins on Wednesday afternoon. It was a scam, of course, but one that got a social push from the biggest political and entertainment handles in the United States. Twitter tried to regain control and delete the messages, but some of the handles were posting similar messages even after that.
Among the affected names are former president Barack Obama, presidential hopefuls Joseph R. Biden Jr. and Kanye West, tech stars Bill Gates and Elon Musk, as well as institutional handles like @Apple. As Twitter tried to regain control, verified handles across the world went mute for a while and were unable to tweet.
What was the Twitter hack all about?
Around 4 pm Wednesday in the US, many high-profile accounts started tweeting a message saying any bitcoin sent to a link in the tweet will be sent back doubled, an offer the tweet said last just for 30 minutes.
Apple and Uber handles were among the first to be impacted, followed by those of Musk and Gates. In a couple of hours, it had taken over the handles of Obama, Biden, Mike Bloomberg and Amazon founder Jeff Bezos. Around the time handles of boxer Floyd Mayweather and celebrity Kim Kardashian had been affected, Twitter locked most large verified accounts across the US and rest of the world.
However, in the four-odd hours the tweets were live, the Bitcoin wallet promoted in the tweets received over $100,000 via at least 300 transactions.
Twitter’s product lead Kayvon Beykpour tweeted that their “investigation into the security incident is still ongoing”, and promised more updates from @TwitterSupport. “In the meantime, I just wanted to say that I’m really sorry for the disruption and frustration this incident has caused our customers,” he said.
In a series of tweets, @TwitterSupport acknowledged the “security incident” and informed users that they maybe be unable to tweet or reset passwords till the micro-blogging platform reviewed the incident.
About four hours after the first acknowledgment, the handle said: “Most accounts should be able to Tweet again. As we continue working on a fix, this functionality may come and go. We’re working to get things back to normal as quickly as possible.”
Twitter CEO Jack Dorsey called it a tough day for “us at Twitter”. “We all feel terrible this happened. We’re diagnosing and will share everything we can when we have a more complete understanding of exactly what happened,” he tweeted.
How did the Twitter hack happen?
According to Twitter Support, the “coordinated social engineering attack” was executed by people who “successfully targeted some of our employees with access to internal systems and tools”. “We know they used this access to take control of many highly-visible (including verified) accounts and Tweets on their behalf. We’re looking into what other malicious activity they may have conducted or information they may have accessed and will share more here as we have it,” another tweet said. Twitter said that even as it has limited functionality of the affected accounts, it also restricted access to internal systems and tools.
Clearly, the vulnerability that has been exploited was within the Twitter systems and not on the user side.
In an effort to catch up to TikTok in the short-video industry, YouTube, which is controlled by Google, has announced...Read more