Twitter CEO Jack Dorsey has apologized after the social network fell victim to a cyberattack that hacked several high-profile accounts including the official accounts of presumptive Democratic nominee Joe Biden and tech moguls Bill Gates and Jeff Bezos in order to spread a cryptocurrency scam.
The hacked accounts posted a message telling users they were "giving back to the community," linking to the address of a Bitcoin wallet with the claim that they would send back double the amount of any payments made to the address.
Other accounts targeted by the scam include Apple, Elon Musk, Kim Kardashian West, former President Barack Obama, Wiz Khalifa, Warren Buffett, Wendy’s, Uber, CashApp and former New York City Mayor Mike Bloomberg. Cryptocurrency-focused accounts such as @bitcoin, @ripple, @coindesk, @coinbase and @binance were the first targets of the scam posts.
Dorsey posted early Thursday to tell users the platform feels "terrible."
Tough day for us at Twitter. We all feel terrible this happened.— jack (@jack) July 16, 2020
We’re diagnosing and will share everything we can when we have a more complete understanding of exactly what happened.
?? to our teammates working hard to make this right.
The platform's support team has launched an investigation into the attack. Its early assumptions are that it is a "coordinated social-engineering attack" by people who successfully targeted some Twitter employees who had access to internal systems and tools. The hackers used this administrative access to take control of many highly visible, including verified, accounts and tweet on their behalf.
Since the hackers took control of the accounts, investigative journalist Brian Krebs raised the question of whether the hackers could have viewed the direct messages of those politicians, chief executives and celebrities.
Here's a question about the twitter compromise today that hasn't yet been answered: With the internal twitter tools access the attackers had, could they also have viewed the target account's direct messages?— briankrebs (@briankrebs) July 16, 2020
The affected accounts were locked down and scam tweets removed within hours of the attack. Twitter confirmed that it locked a slew of verified accounts from tweeting for a period of time, even those with no evidence of being compromised, while it investigated the issue.
"This was disruptive, but it was an important step to reduce risk," the @TwitterSupport account said. "Most functionality has been restored but we may take further actions and will update you if we do."
Social listening cryptocurrency platform LunarCrush said the scam led to the biggest ever spike in conversation about cryptocurrency within a 24-hour time span, with more than 550,000 social posts about cryptocurrency across platforms including Twitter, Reddit, YouTube and Medium, of which 95% of posts were related to Bitcoin.