- The hack first targeted crypto companies and personalities before moving to tech figures and politicians
- Exchanges like Coinbase and Gemini immediately blocked their users from sending funds to the hackers’ Bitcoin address
- Some analysts suspected API-level vulnerability
The Twitter accounts of Elon Musk, Bill Gates, Barack Obama, Joe Biden and many other prominent figures have tweeted links to a Bitcoin scam site in the latest coordinated Twitter hacking attack. Within minutes, Twitter accounts of high-profile figures in cryptocurrency, tech, and politics were compromised.
The message posted on the hacked Twitter accounts Wednesday, July 15, appeared to associate the Bitcoin giveaway to an entity “Crypto For Health.” The message enticed users to send BTC to receive double the amount sent. So far, the scam has raked in 12.85 BTC, worth $118,496 in Wednesday’s BTC prices. The Bitcoin wallet where the scammed funds are deposited appeared to be quickly transferring the coins to multiple other addresses.
The first accounts that were compromised were of crypto exchanges like Binance, Gemini, Coinbase, and Kucoin. The next wave hit crypto companies like Ripple, news site Coindesk and crypto personalities like Tron Foundation’s Justin Sun and Litecoin’s Charlie Lee. Binance’s Changpeng “CZ” Zhao warned his followers of the ongoing scam but minutes later, his account was hacked too.
About an hour later, the Twitter accounts of some prominent figures in tech, including Bill Gates, Elon Musk and Jeff Bezos began tweeting similar scam messages without the “Crypto for Health” association. Musk’s Twitter account posted more of the hacked tweets. Around the same time, accounts of politicians like former President Obama and presumptive Democratic nominee Joe Biden were tweeting the scam.
Later, the accounts of tech companies like Apple and Uber were also compromised.
Coinbase immediately blocked any user wallet from sending Bitcoins to the address associated with the hack. Gemini Exchange, owned by Tyler and Cameron Winklevoss, also blocked the Bitcoin address.
In response, Twitter first blocked verified accounts from posting since the majority of the hacked accounts have targeted them. This appeared to put the situation under control. Verified accounts are those with blue checkmarks next to their names on the platform. Twitter CEO Jack Dorsey said his team is diagnosing the situation and will share more details once they have a clear understanding of what happened.
The scale of the attack raised questions about Twitter’s security. Analyst and cryptographer Jameson Lopp suggested that someone appeared to have root-level access to Twitter. Bitcoin advocate and author of “Mastering Bitcoin”, Andreas Antonopoulos, suspected API-level vulnerability.
The social networking platform’s stock price was down 3.25% in after-hours trading Wednesday.
Bitcoin’s price remained virtually unchanged, however, as it trades within the $9,200 range.
This is a developing story.