In an unprecedented hacker attack on Twitter, unknown persons managed to spread advertising for a Bitcoin scam via profiles of celebrities such as ex-president Barack Obama and Amazon boss Jeff Bezos.
Twitter promised clarification as to whether the attackers were also able to gain access to information on the affected accounts.
According to initial findings of the short message service, Twitter employees with access to internal systems were targeted in a coordinated attack. Since the beginning of the Corona crisis, the majority of Twitter employees have been working from home. At the same time, the “Vice” website reported, citing an alleged attacker, that they had also paid a Twitter insider for his help. The information could not be independently confirmed at first.
In the message spread through the accounts on Wednesday, it was promised to pay back sent Bitcoins twice. Profiles of Democratic presidential candidate Joe Biden, former New York Mayor Michael Bloomberg, rapper Kanye West, Microsoft founder Bill Gates and Tesla boss Elon Musk were also misused for this purpose. The account of US President Donald Trump, for whom Twitter is a central communication channel, was not affected.
What is particularly alarming about the attack is that, despite all security measures, the attackers managed to spread their messages on a large scale, even via very well protected Twitter accounts. With this access they could have used a crude Bitcoin scam to try to manipulate stock prices via false tweets, for example.
“We all regret that this has happened,” wrote Twitter boss Jack Dorsey. “A tough day for us on Twitter.” Once the company had “a better understanding” of what happened, they would inform the public as fully as possible.
Many of the Twitter accounts were temporarily suspended, but were back online shortly afterwards without the fraudulent messages. For several hours, verified Twitter profiles were largely unable to twitter at all because the service wanted to stop the Bitcoin scam from spreading further. Crypto currency worth over $100,000 was quickly sent to a Bitcoin account mentioned in the Twitter messages.
Twitter has had problems with account hijacking in the past – but never before on such a broad scale and with so many prominent names at once. The scale of the attack alone suggested that this time, instead of using an app linked to Twitter accounts, as in previous cases, Twitter systems were used directly.
The celebrities’ accounts were probably protected with complex passwords and the so-called two-factor authentication, which requires a freshly sent code to log on to another device. However, these security precautions could obviously be circumvented by accessing Twitter systems.
Twitter had further tightened its security measures after unknown persons spread news about the account of the company’s CEO Jack Dorsey almost a year ago. The service stated at the time that its systems had not been hacked, but a security hole at Dorsey’s mobile phone provider had allowed the tweets to be sent by SMS. Most recently, a group called “OurMine” managed to post to the accounts of several American football teams at the end of January. The aim was to show “that everything is hackable”, they said at the time.
Before the stock exchange opened, Twitter shares on the NYSE fell by 3.90 percent to 34.28 dollars.
For more interesting investment ideas, check out the Capitalist Partners Newsletter