On Wednesday, social media channel Twitter drew flak for being hit by one of the major cyberattacks in its history.
In what is being dubbed as a far-reaching hacking campaign launched to promote a cryptocurrency scam, several high-profile Twitter accounts, including those of US presidential candidate Joe Biden, Amazon CEO Jeff Bezos, Bill Gates, Elon Musk, Uber, and Apple, were hacked at the same time.
According to Twitter, the security incident is a “coordinated social engineering attack” against its employees who have access to its internal tools.
The hackers behind the operation are reported to have collected closely $120,000 in bitcoins, suggesting that unwary users have certainly fallen for the fake scheme.
“We detected what we believe to be a coordinated social engineering attack by people who successfully targeted some of our employees with access to internal systems and tools,” the company said in a series of tweets.
“Internally, we’ve taken significant steps to limit access to internal systems and tools while our investigation is ongoing.”
It’s not still clear who orchestrated the attack, but it seems to have been primarily directed against cryptocurrency-focused accounts, such as Bitcoin, Ripple, CoinDesk, Gemini, Coinbase and Binance, all of which were hacked with the same message:
“We have partnered with CryptoForHealth and are giving back 5000 BTC to the community.”
The tweets from the affected accounts have been deleted, but Twitter took the unusual step of momentarily halting many confirmed accounts marked with blue ticks from tweeting altogether.
While account hijacks on Twitter have occurred before, this is the first time it’s occurred at such an extraordinary scale on the social network, leading to conjectures that hackers took control of a Twitter employee’s administrative access to “take over a prominent account and tweet on their behalf”.
Security investigators also discovered that the hackers had not only seized the victims’ accounts, but also changed the email address related to the account to make it more difficult for the real user to regain access.